CVE-2019-16257
First published: Thu Sep 12 2019(Updated: )
Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Motorola Motorola Firmware | ||
| Motorola Motorola |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-16257?
CVE-2019-16257 is a vulnerability found in some Motorola devices that include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC.
What is the severity of CVE-2019-16257?
CVE-2019-16257 has a severity rating of 9.8, which is considered critical.
How does CVE-2019-16257 work?
CVE-2019-16257 allows remote attackers to retrieve location and IMEI information, or execute commands, by sending SIM Toolkit (STK) instructions via an SMS message.
Which software is affected by CVE-2019-16257?
The affected software includes Motorola Firmware on some Motorola devices.
How can I protect myself from CVE-2019-16257?
To protect yourself from CVE-2019-16257, make sure to keep your device's firmware up to date and be cautious when opening SMS messages from unknown or suspicious sources.
- collector/nvd-index
- agent/tags
- agent/severity
- agent/references
- agent/author
- agent/event
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/motorola
- canonical/motorola motorola firmware
- canonical/motorola motorola