12 matches found
CVE-2023-38300
A certain software build for the Orbic Maui device Orbic/RC545L/RC545L:10/ORB545LV1.4.2BVZPP/230106:user/release-keys leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party...
CVE-2023-38299
Various software builds for the AT&T Calypso, Nokia C100, Nokia C200, and BLU View 3 devices leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining...
CVE-2023-38298
Various software builds for the following TCL devices 30Z, A3X, 20XE, 10L leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device...
CVE-2023-38297
An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup versionCode='3', versionName='2.1...
CVE-2023-38297
An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup versionCode='3', versionName='2.1...
PT-2024-12704 · Nokia +2 · Nokia C200 +3
Name of the Vulnerable Software and Affected Versions: AT&T Calypso version ATT/U318AA/U318AA:10/QP1A.190711.020/1632369780:user/release-keys Nokia C100 versions Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1 190:user/release-keys through Nokia/DrakeLite 02US/DKT:12/SP1A.210812.016/02US 1...
CVE-2023-38298
Various software builds for the following TCL devices 30Z, A3X, 20XE, 10L leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device...
CVE-2023-38299
Various software builds for the AT&T Calypso, Nokia C100, Nokia C200, and BLU View 3 devices leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining...
CVE-2023-38298
CVE-2023-38298 affects TCL devices: 30Z, A3X, 20XE, and 10L. A high-privilege process leaks the IMEI to the system property gsm.device.imei0 , which can be read by any local app without permissions. This enables indirect IMEI exposure by non-privileged apps. Affected builds include specific TCL d...
CVE-2023-38297
CVE-2023-38297 affects the pre-installed com.factory.mmigroup app (version 2.1) on multiple Android devices. The component runs as the system user and exposes zero-permission capabilities to local apps, including arbitrary AT command execution, programmatic factory reset, IMEI/serial leakage, pow...
PT-2024-12702 · Unknown · Com.Factory.Mmigroup
Name of the Vulnerable Software and Affected Versions: com.factory.mmigroup version 2.1 Description: An issue was discovered in the com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable...
CVE-2015-9064
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network request before NAS security has been activated...