Vulnerability Name:

CVE-2016-6910 (CCN-120201)

Assigned:2016-12-23
Published:2016-12-23
Updated:2016-12-28
Summary:The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even after the device has been upgraded to an Android 5.1.1 or 6.0.1 build. The vulnerable system app gives a non-existent app the ability to read the notifications from the device, which a third-party app can utilize if it uses a package name of com.samsung.android.app.portalservicewidget. This vulnerability allows an unprivileged third-party app to obtain the text of the user's notifications, which tend to contain personal data.
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
5.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2016-6910

Source: CCN
Type: Kryptowire Web site
Factory Resets and Obtaining Notifications on Samsung Android Devices

Source: MISC
Type: Technical Description, Third Party Advisory
http://www.kryptowire.com/disclosures/CVE-2016-6910/Factory_Resets_and_Obtaining_Notifications_on_Samsung_Android_Devices.pdf

Source: CCN
Type: Samsung Web site
Electronics & Appliances: Tablets, Smartphones, TVs | Samsung US

Source: BID
Type: UNKNOWN
95092

Source: CCN
Type: BID-95092
Multiple Samsung Galaxy Product Information Disclosure Vulnerability

Source: XF
Type: UNKNOWN
samsung-cve20166910-info-disc(120201)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:google:android:5.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:google:android:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:google:android:6.0.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:samsung:galaxy_s6:*:*:*:*:*:*:*:*
  • OR cpe:/h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    google android 5.0.2
    google android 5.1.1
    google android 6.0.1
    samsung galaxy s6 *
    samsung galaxy s6 edge -