Security Advisory

CVE-2023-44126

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-27 14:01:46

Last updated 2024-09-20 19:47:59

Assigner LGE

State PUBLISHED

Description

The vulnerability is that the Call management ("com.android.server.telecom") app patched by LG sends a lot of LG-owned implicit broadcasts that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as call states, durations, called numbers, contacts info, etc.

← Browse all CVEs View on cve.org ↗