he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as contact details and phone numbers.
References
Link | Resource |
---|---|
https://lgsecurity.lge.com/bulletins/mobile#updateDetails | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: LGE
Published: 2023-09-27T14:05:24.523Z
Updated: 2023-09-27T14:05:24.523Z
Reserved: 2023-09-26T05:57:13.719Z
Link: CVE-2023-44127
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-27T15:19:37.067
Modified: 2023-10-02T15:21:30.717
Link: CVE-2023-44127
JSON object: View
Redhat Information
No data.