Unrated severityNVD Advisory· Published Sep 27, 2023· Updated Sep 20, 2024
Call management - Implicit intents disclose telephony data such as phone numbers, call states, contacts
CVE-2023-44126
Description
The vulnerability is that the Call management ("com.android.server.telecom") app patched by LG sends a lot of LG-owned implicit broadcasts that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as call states, durations, called numbers, contacts info, etc.
Affected products
2- LG Electronics/LG V60 Thin Q 5G(LMV600VM)v5Range: Android 8
Patches
Vulnerability mechanics
References
1- lgsecurity.lge.com/bulletins/mobilemitrevendor-advisory
News mentions
0No linked articles in our index yet.