22 matches found
CVE-2018-14990
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...
Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month
Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month. The tech giant also said it has blocked over 100 million suspicious numbers from using Rich Communication Services...
CVE-2025-12080
CVE-2025-12080 affects Google Messages for Wear OS when it is the default SMS/MMS/RCS app. The root cause is improper handling of ACTION_SENDTO intents using sms:, smsto:, mms:, and mmsto: URI schemes, enabling an attacker who can invoke an Android intent to covertly send messages on behalf of th...
EUVD-2018-6873
Malware in sbrugna...
CVE-2023-21149
In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing
A new sophisticated phishing-as-a-service PhaaS platform called Lucid has targeted 169 entities in 88 countries using smishing messages propagated via Apple iMessage and Rich Communication Services RCS for Android. Lucid's unique selling point lies in its weaponizing of legitimate communication...
PT-2024-10293 · Google +1 · Google Messages +1
The vulnerable software is Samsung's Monkey's Audio APE decoder, used in Samsung smartphones running Android versions 12, 13, and 14. The vulnerability is a high-severity out-of-bounds write flaw that allows remote attackers to execute arbitrary code on the device without any user interaction. Th...
CVE-2024-20899
Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information...
PT-2024-18812 · Ims · Ims
Name of the Vulnerable Software and Affected Versions: IMS service versions prior to SMR Jul-2024 Release 1 Description: The issue concerns the use of implicit intent for sensitive communication in the RCS function of the IMS service, allowing local attackers to obtain sensitive information...
CVE-2023-21149
In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, Inc. in the United States. Google Pixel suffers from a security vulnerability that stems from the presence of a missing privilege check in the registerGsmaServiceIntentReceiver of the ShannonRcsService.java file, with a possible way to activate/deactivate...
CVE-2022-39903
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Dec-2022 Release 1 prior to this release, which stems from an incorrect access control...
Samsung Mobile Device Input Validation Error Vulnerability (CNVD-2020-29858)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An input validation error vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to bypass FRP via an RCS call...
CVE-2019-20552
An issue was discovered on Samsung mobile devices with P9.0 software. Attackers can bypass Factory Reset Protection FRP via an RCS call. The Samsung ID is SVE-2019-15035 October 2019...
CVE-2018-14991
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...
Design/Logic Flaw
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...
Design/Logic Flaw
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...
CVE-2018-14991
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Revvl Plus with a build fingerprint of...
CVE-2018-14991
CVE-2018-14991 affects Coolpad Defiant, ZTE ZMAX Pro, and T-Mobile Revvl Plus due to a pre-installed Rich Communication Services (RCS) app. The vulnerable components include an app with package name com.suntek.mway.rcs.app.service (exported MessageProvider) and a refactored version com.rcs.gsma.n...