Ars Technica that calling the issue a "'backdoor' is a bit far-fetched". He went on to explain "three crucial facts" that debunk the claims.Dan Rosenberg, a senior security researcher at Azimuth Security, admits that Samsung devices do have a flaw, and he said it could be found in the Galaxy S4 and Note 3, not just the Galaxy S III and Note II mentioned by Replicant. But, Rosenberg told
First, "there is virtually no evidence for the ability to remotely execute this functionality." Rosenberg notes that the Replicant team says that it is "likely" there is a remote control mechanism, but give no evidence to support that claim. Second, even if such functionality does exist, read/write capability would be limited to the radio and the SD card, not the whole system. Last, "the specifics of the vulnerability suggest that it was poorly programmed legitimate functionality rather than a secret backdoor."
All this to say that there was never malicious intent, just bad coding; and, it is unlikely that the vulnerability would cause as serious a threat as Replicant made it out to have.
source: Ars Technica