var-201912-1596
Vulnerability from variot
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission. Samsung Galaxy S3/S4 Contains an improper default permissions vulnerability.Information may be altered. The Samsung Galaxy S3 and S4 are prone to a local security-bypass vulnerability. An attacker with local physical access to a device can exploit this issue to bypass certain security restriction and perform unauthorized actions. Hi list, I would like to inform you that the details of the vulnerability in built-in system app of Samsung Galaxy S3/S4 (assigned as CVE-2013-4763 and CVE-2013-4764) are now disclosed to public. By exploiting these unprotected components, an unprivileged app can trigger a so-called \x93restore\x94 operation to write SMS messages back to the standard SMS database file (mmssms.db) used by the system messaging app, i.e., SecMms.apk. Similarly, fake MMS messages and call logs are also possible. This vulnerability has been disclosed in CVE-2013-4763.
Also, these components can be sequentially triggered in a specific order to create arbitrary SMS content, inject to system-wide SMS database, and then trigger the built-in SMS-sending behavior (to arbitrary destination). This vulnerability has been disclosed in CVE-2013-4764.
QIHU Inc. discovered these vulnerability and informed Samsung Corp. in June 10, 2013. Samsung confirmed the vulerability and is now preparing an OTA update. As a temporary workaround, disable the sCloudBackupProvider.apk app would help block known attack vectors.
Details of CVE-2013-4763 and CVE-2013-4764 can be also found in QIHU Inc.'s official site: http://shouji.360.cn/securityReportlist/CVE-2013-4763.html http://shouji.360.cn/securityReportlist/CVE-2013-4764.html
Regards, Z.X. from QIHU Inc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1596",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "galaxy s3",
"scope": "eq",
"trust": 2.2,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s4",
"scope": "eq",
"trust": 2.2,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s3",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s4",
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s4",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "galaxy s iii",
"scope": "eq",
"trust": 0.3,
"vendor": "samsung",
"version": "0"
},
{
"model": "scloudbackupprovider.apk",
"scope": "eq",
"trust": 0.3,
"vendor": "jdsingle76",
"version": "1.4"
},
{
"model": "scloudbackupprovider.apk",
"scope": "eq",
"trust": 0.3,
"vendor": "jdsingle76",
"version": "1.0"
}
],
"sources": [
{
"db": "BID",
"id": "61280"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"db": "NVD",
"id": "CVE-2013-4763"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1173"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:galaxy_s3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:galaxy_s3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:galaxy_s4_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4763"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Z.X. of QIHU Inc.",
"sources": [
{
"db": "BID",
"id": "61280"
}
],
"trust": 0.3
},
"cve": "CVE-2013-4763",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-4763",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-4763",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-4763",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-1173",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"db": "NVD",
"id": "CVE-2013-4763"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1173"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission. Samsung Galaxy S3/S4 Contains an improper default permissions vulnerability.Information may be altered. The Samsung Galaxy S3 and S4 are prone to a local security-bypass vulnerability. \nAn attacker with local physical access to a device can exploit this issue to bypass certain security restriction and perform unauthorized actions. Hi list,\nI would like to inform you that the details of the vulnerability in\nbuilt-in system app of Samsung Galaxy S3/S4 (assigned as CVE-2013-4763\nand CVE-2013-4764) are now disclosed to public. By exploiting these unprotected components, an\nunprivileged app can trigger a so-called \\x93restore\\x94 operation to write\nSMS messages back to the standard SMS database file (mmssms.db) used\nby the system messaging app, i.e., SecMms.apk. Similarly, fake MMS messages and call logs are also\npossible. This vulnerability has been disclosed in CVE-2013-4763. \n\nAlso, these components can be sequentially triggered in a specific\norder to create arbitrary SMS content, inject to system-wide SMS\ndatabase, and then trigger the built-in SMS-sending behavior (to\narbitrary destination). This vulnerability has been disclosed in\nCVE-2013-4764. \n\nQIHU Inc. discovered these vulnerability and informed Samsung Corp. in\nJune 10, 2013. Samsung confirmed the vulerability and is now preparing\nan OTA update. As a temporary workaround, disable the\nsCloudBackupProvider.apk app would help block known attack vectors. \n\nDetails of CVE-2013-4763 and CVE-2013-4764 can be also found in QIHU\nInc.\u0027s official site:\nhttp://shouji.360.cn/securityReportlist/CVE-2013-4763.html\nhttp://shouji.360.cn/securityReportlist/CVE-2013-4764.html\n\nRegards,\nZ.X. from QIHU Inc",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4763"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"db": "BID",
"id": "61280"
},
{
"db": "PACKETSTORM",
"id": "122428"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4763",
"trust": 2.8
},
{
"db": "BID",
"id": "61280",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007051",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1173",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "122428",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "61280"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"db": "PACKETSTORM",
"id": "122428"
},
{
"db": "NVD",
"id": "CVE-2013-4763"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1173"
}
]
},
"id": "VAR-201912-1596",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.7951389
},
"last_update_date": "2023-12-18T13:37:59.886000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.samsung.com/global/galaxy/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-276",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"db": "NVD",
"id": "CVE-2013-4763"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.securityfocus.com/bid/61280"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0108.html"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4763"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4763"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
},
{
"trust": 0.3,
"url": "http://www.androidfilehost.com/?fid=13858035414129967185"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2013/jul/107"
},
{
"trust": 0.1,
"url": "http://shouji.360.cn/securityreportlist/cve-2013-4764.html"
},
{
"trust": 0.1,
"url": "http://shouji.360.cn/securityreportlist/cve-2013-4763.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4764"
}
],
"sources": [
{
"db": "BID",
"id": "61280"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"db": "PACKETSTORM",
"id": "122428"
},
{
"db": "NVD",
"id": "CVE-2013-4763"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1173"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "61280"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"db": "PACKETSTORM",
"id": "122428"
},
{
"db": "NVD",
"id": "CVE-2013-4763"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1173"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-17T00:00:00",
"db": "BID",
"id": "61280"
},
{
"date": "2020-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"date": "2013-07-17T00:10:22",
"db": "PACKETSTORM",
"id": "122428"
},
{
"date": "2019-12-27T17:15:15.297000",
"db": "NVD",
"id": "CVE-2013-4763"
},
{
"date": "2019-12-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-1173"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-17T00:00:00",
"db": "BID",
"id": "61280"
},
{
"date": "2020-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-007051"
},
{
"date": "2020-01-10T13:48:57.043000",
"db": "NVD",
"id": "CVE-2013-4763"
},
{
"date": "2020-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-1173"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "61280"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung Galaxy S3/S4 Inadequate default permissions vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-007051"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-1173"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.