CVE-2023-33890
CVE-2023-33890 concerns a missing permission check in the telephony service, enabling local information disclosure without extra privileges. Multiple sources (including UNISOC-related disclosures) consistently attribute the issue to the telephony component, with an attack vector classified as LOC...