free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.1 contained security vulnerabilities. These vulnerabilities stemmed from the GET request handler not properly returning values when necessary parameters were missing. This allowed the...

EUVD-2021-28850

Malicious code in bioql PyPI...

CVE-2021-41849

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. It sends the following Personally Identifiable Information PII in plaintext using HTTP to servers located in China: user's list of installed apps and device International Mobile Equipment Identity IMEI. This PII is transmitted to...

CVE-2022-36874

Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number...

CVE-2022-33687

Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log...

SAMSUNG Mobile devices TelephonyUI 安全漏洞

Samsung TelephonyUI putDsaSimImsi is a Telephony service for Samsung mobile devices that provides support for the Telephony Application Programming Interface TAPI.An information disclosure vulnerability exists in Samsung TelephonyUI putDsaSimImsi, which stems from putDsaSimImsi in TelephonyUI lac...

Samsung SMR 安全漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in Samsung SMR that originates from improper authorization in TelephonyManager and allows an attacker to gain access to IMSI without the...

Securing Mobile Devices During Summer Travel

As summer begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them. NCCIC encourages users to review the...