Описание
he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as contact details and phone numbers.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 8.0 (включая) до 13.0 (включая)
Одновременно
cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
cpe:2.3:h:lg:v60_thin_q_5g:-:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00046
Низкий
3.6 Low
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-927
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 3.6
github
больше 2 лет назад
he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as contact details and phone numbers.
EPSS
Процентиль: 14%
0.00046
Низкий
3.6 Low
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-927
NVD-CWE-noinfo