Medium severity5.5NVD Advisory· Published Mar 12, 2016· Updated Jun 17, 2026
CVE-2016-0831
CVE-2016-0831
Description
The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25778215.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
- Range: 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.