Posted on

CVE-2013-4764 (galaxy_s3_firmware, galaxy_s4_firmware)

Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission.