Back to KEVs

CVE-2019-16256

Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location...

Basic Information

CVE State: PUBLISHED
Reserved Date: September 12, 2019
Published Date: September 12, 2019
Last Updated: February 04, 2025
Vendor: n/a
Product: n/a
Description: Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.

CVSS Scores

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2021-11-03 00:00:00 UTC) Source

References

https://www.adaptivemobile.com/blog/simjacker-next-generation-spying-over-mobile

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-11-03 00:00:00 UTC