15 matches found
CVE-2025-12080
On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTIONSENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is incorrectly implemented. Due to this misconfiguration, an attacker capable of...
CVE-2025-12080
On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTIONSENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is incorrectly implemented. Due to this misconfiguration, an attacker capable of...
CVE-2025-12080
CVE-2025-12080 affects Google Messages for Wear OS when it is the default SMS/MMS/RCS app. The root cause is improper handling of ACTION_SENDTO intents using sms:, smsto:, mms:, and mmsto: URI schemes, enabling an attacker who can invoke an Android intent to covertly send messages on behalf of th...
CVE-2025-12080 Intent Abuse in Google Messages for Wear OS for Silent Message Sending
On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTIONSENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is incorrectly implemented. Due to this misconfiguration, an attacker capable of...
EUVD-2025-36129
On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTIONSENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is incorrectly implemented. Due to this misconfiguration, an attacker capable of...
CVE-2025-12080 Intent Abuse in Google Messages for Wear OS for Silent Message Sending
On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTIONSENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is incorrectly implemented. Due to this misconfiguration, an attacker capable of...
PT-2025-43907
Name of the Vulnerable Software and Affected Versions Google Messages for Wear OS affected versions not specified Description A flaw exists in Google Messages for Wear OS where the handling of ACTION SENDTO intents using sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is...
Google Messages 安全漏洞
Google Messages is an instant messaging application from Google, Inc USA. A security vulnerability exists in Google Messages that stems from improper handling of the ACTIONSENDTO intent, which could lead to unauthorized message sending...
Google Is Using On-Device AI to Spot Scam Texts and Investment Fraud
Android’s “Scam Detection” protection in Google Messages will now be able to flag even more types of digital fraud...
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam...
New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites
Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain, the U.K., and the U.S. since at least September 2024. Netcraft said more than 2,000 phishing websites have been identified the kit, known as Xiū gǒu, with the...
PT-2024-10293 · Google +1 · Google Messages +1
The vulnerable software is Samsung's Monkey's Audio APE decoder, used in Samsung smartphones running Android versions 12, 13, and 14. The vulnerability is a high-severity out-of-bounds write flaw that allows remote attackers to execute arbitrary code on the device without any user interaction. Th...
Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol
Google has announced that it intends to add support for Message Layer Security MLS to its Messages service for Android and open source an implementation of the specification. "Most modern consumer messaging platforms including Google Messages support end-to-end encryption, but users today are...
Samsung Introduces New Feature to Protect Users from Zero-Click Malware Attacks
Samsung has announced a new feature called Message Guard that comes with safeguards to protect users from malware and spyware via what's referred to as zero-click attacks. The South Korean chaebol said the solution "preemptively" secures users' devices by "limiting exposure to invisible threats...
Samsung Introduces New Feature to Protect Users from Zero-Click Malware Attacks
Samsung has announced a new feature called Message Guard that comes with safeguards to protect users from malware and spyware via what's referred to as zero-click attacks. The South Korean chaebol said the solution "preemptively" secures users' devices by "limiting exposure to invisible threats...