CVE-2019-16256
CRITICAL KEVSIMalliance Toolbox Browser - Remote Data Retrieval and Command Execution via STK Instructions
Title source: llmExploitation Summary
CVE-2019-16256 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021.
Description
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.adaptivemobile.com/blog/simjacker-next-generation-spying-over-mobile
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16256
Scores
CVSS v3
9.8
EPSS
0.6119
EPSS Percentile
98.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
yes
Technical Impact
total
Details
CISA KEV
2021-11-03
VulnCheck KEV
2021-11-03
InTheWild.io
2021-07-23
ENISA EUVD
EUVD-2019-7062
Status
published
Products (1)
trustedconnectivityalliance/s\@t_browser
Published
Sep 12, 2019
KEV Added
Nov 03, 2021
Tracked Since
Feb 18, 2026