TelephonyUI
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-30698 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege. | |||
| CVE-2023-21428 | 0.00 | — | 0.00 | Feb 9, 2023 | Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code. | |||
| CVE-2022-33700 | 0.00 | — | 0.00 | Jul 11, 2022 | Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | |||
| CVE-2022-33699 | 0.00 | — | 0.00 | Jul 11, 2022 | Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | |||
| CVE-2022-33689 | 0.00 | — | 0.00 | Jul 11, 2022 | Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. | |||
| CVE-2021-25397 | 0.00 | — | 0.00 | Jun 11, 2021 | An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications. |
- CVE-2023-30698Aug 10, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege.
- CVE-2023-21428Feb 9, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.
- CVE-2022-33700Jul 11, 2022risk 0.00cvss —epss 0.00
Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
- CVE-2022-33699Jul 11, 2022risk 0.00cvss —epss 0.00
Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
- CVE-2022-33689Jul 11, 2022risk 0.00cvss —epss 0.00
Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call.
- CVE-2021-25397Jun 11, 2021risk 0.00cvss —epss 0.00
An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications.