Google’s Android operating system may be open source, but the version of Android that runs on most phones, tablets, and other devices includes proprietary, closed-source components. Samsung’s IPC protocol, implements a class of requests, known as RFS commands, that allows the modem to perform remote I/O operations on the phone’s storage. The backdoor might have been placed there accidently, but remote ability of modifications to the user’s personal data without user knowledge poses a serious threat.
Source: https://thehackernews.com/2014/03/backdoor-found-in-samsung-galaxy.html