SecTelephonyProvider
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-21017 | Med | 0.30 | — | — | Jun 5, 2026 | Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files. | ||
| CVE-2022-39906 | 0.00 | — | 0.00 | Dec 8, 2022 | Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information. | |||
| CVE-2022-33688 | 0.00 | — | 0.00 | Jul 11, 2022 | Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. | |||
| CVE-2021-25501 | 0.00 | — | 0.00 | Nov 5, 2021 | An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers. |
- risk 0.30cvss —epss —
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files.
- CVE-2022-39906Dec 8, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.
- CVE-2022-33688Jul 11, 2022risk 0.00cvss —epss 0.00
Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.
- CVE-2021-25501Nov 5, 2021risk 0.00cvss —epss 0.00
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.