15 matches found
CVE-2022-20310
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...
CVE-2020-0448
In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no additional...
CVE-2022-20311
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...
CVE-2022-20310
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...
CVE-2022-20310
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...
CVE-2022-20311
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...
CVE-2022-20311
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...
CVE-2022-20310
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...
CVE-2022-20284
In Telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of phone accounts with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
CVE-2022-20311
CVE-2022-20311 affects Android 13 Telecomm: a missing permission check could disclose registered self-managed phone accounts, enabling local information disclosure with low risk of exploitation (attack vector LOCAL, UI:N). Root cause is a permission check omission in Telecomm that exposes sensiti...
PT-2022-14509 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: There is a possible information disclosure in Telephony due to a missing permission check. This could lead to local information disclosure of phone accounts, requiring User execution privileges. No use...
CVE-2020-0448
In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no additional...
Think You’ve Got Your Credit Freezes Covered? Think Again.
I spent a few days last week speaking at and attending a conference on responding to identity theft. The forum was held in Florida, one of the major epicenters for identity fraud complaints in United States. One gripe I heard from several presenters was that identity thieves increasingly are...
US Intelligence Chief Hacked by the Teen Who Hacked CIA Director
Nation's Top Spy Chief Got Hacked! The same teenage hacker who broke into the AOL email inbox of CIA Director John Brennan last October has now claimed to have broken into personal email and phone accounts of the US Director of National Intelligence James Clapper. Clapper was targeted by the...
Exploiting Skype: Building a telephone botnet
From the Industry Standard Robert McMillan Flaws in popular Internet-based telephony systems could be exploited to create a network of hacked phone accounts, somewhat like the botnets that have been wreaking havoc with PCs for the past few years. Researchers at Secure Science recently discovered...