Security Advisory

CVE-2016-3888

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-09-11 21:00:00

Last updated 2024-08-06 00:10:31

Assigner google_android

State PUBLISHED

Description

internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the Setup Wizard provisioning stage, via unspecified vectors, aka internal bug 29420123.

← Browse all CVEs View on cve.org ↗