556 matches found
CVE-2023-20934
In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-44636
The Samsung TV 2021 and 2022 model smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models...
CVE-2022-20446
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-46313
The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone...
CVE-2021-30882
A logic issue was addressed with improved validation. This issue is fixed in watchOS 8, iOS 15 and iPadOS 15. An application with microphone permission may unexpectedly access microphone input during a FaceTime call...
CVE-2021-29959
When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only possible if the website kept recording with the microphone until re-enabling the camera. This...
CVE-2020-11470
Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process with the user's privileges to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's microphone and camera access...
CVE-2019-15469
The Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/clover/clover:8.1.0/OPM1.171019.019/V9.6.26.0.ODJCNFD:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other pre-installed...
CVE-2019-15474
The Xiaomi Cepheus Android device with a build fingerprint of Xiaomi/cepheus/cepheus:9/PKQ1.181121.001/V10.2.6.0.PFAMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized microphone aud...
CVE-2019-15743
The Sony Xperia Touch Android device with a build fingerprint of Sony/blancwindy/blancwindy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app versionCode=24, versionName=7.0 that allows...
CVE-2019-8566
An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user...
CVE-2019-6222
A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown...
CVE-2019-15470
The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other...
CVE-2019-15471
The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other pre-install...
CVE-2019-15472
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized microphon...
CVE-2024-58101
Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a consequence, audio playback takeover or even microphone recording without user consent or notification is achieved. Note: This is considered a low severity...
CVE-2024-58101
Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a consequence, audio playback takeover or even microphone recording without user consent or notification is achieved. Note: This is considered a low severity...
CVE-2024-58101
Samsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a consequence, audio playback takeover or even microphone recording without user consent or notification is achieved. Note: This is considered a low severity...
SAMSUNG Galaxy Buds 安全漏洞
SAMSUNG Galaxy Buds is a wireless Bluetooth headset from South Korea's Samsung SAMSUNG that supports active noise cancellation and voice assistant. A security vulnerability exists in SAMSUNG Galaxy Buds, which stems from a default Bluetooth pairing mode that may result in audio takeover or...
CVE-2024-58101
CVE-2024-58101 affects Samsung Galaxy Buds and Galaxy Buds 2. The issue arises because Bluetooth pairing is enabled by default, allowing pairings without user input or an option to disable this mode. Impact described in sources includes potential audio playback takeover and microphone recording w...