CVE-2022-22272

Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READPRIVILEGEDPHONESTATE permission...

Samsung SMR 安全漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in Samsung SMR that originates from improper authorization in TelephonyManager and allows an attacker to gain access to IMSI without the...

CVE-2018-7957

Huawei smartphones with software Victoria-AL00 8.0.0.336aC00 have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location additionally...

Authorization

Huawei smartphones with software Victoria-AL00 8.0.0.336aC00 have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location additionally...

Android Telephony Information Disclosure Vulnerability

Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA.Telephony is one of the components that provides telephony functionality. The internal/telephony/PhoneSubInfoController.java file in Telephony in versions 5.x prior to Android 5.1.1 LMY49H...

CVE-2016-0831

The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READPHONESTATE permission, which allows attackers to obtain sensitive information via a crafted application, aka...

UBUNTU-CVE-2016-0831

The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READPHONESTATE permission, which allows attackers to obtain sensitive information via a crafted application, aka...

Google Play Store Update Allows Apps to Silently Gain Control of Your Device

Google just made a huge change to the way application permissions work on Android devices which has left a potential door open to malicious app developers and hackers. Google narrows down Android's 145 permissions into 13 broad categories and groups app permissions into 'groups of related...

Yome Collection for Android issue in management of IMEI

Overview Yome Collection for Android contains an issue which stores the International Mobile Equipment Identity IMEI on a SD card. Applications without the READPHONESTATE permission may obtain the IMEI from the SD card. Kazuhiko Kusano of Graduate School of Information Sciences, Tohoku University...