27/9/2023
20/9/2024
CVE-2023-44126: Call management - Implicit intents disclose telephony data such as phone numbers, call states, contacts
First published: Wed Sep 27 2023(Updated: )
The vulnerability is that the Call management ("com.android.server.telecom") app patched by LG sends a lot of LG-owned implicit broadcasts that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as call states, durations, called numbers, contacts info, etc.
Credit: product.security@lge.com product.security@lge.com
Affected Software | Affected Version | How to fix |
---|
Google Android | >=8.0<=13.0 | |
Lg V60 Thin Q 5g | | |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-44126?
CVE-2023-44126 is a vulnerability in the Call management app patched by LG, which sends LG-owned implicit broadcasts that disclose sensitive data to third-party apps.
What is the severity of CVE-2023-44126?
The severity of CVE-2023-44126 is medium with a severity value of 5.5.
How does CVE-2023-44126 affect Google Android?
CVE-2023-44126 affects Google Android versions 8.0 to 13.0.
How does CVE-2023-44126 affect the LG V60 Thin Q 5G?
The LG V60 Thin Q 5G is not vulnerable to CVE-2023-44126.
How can I fix CVE-2023-44126?
To fix CVE-2023-44126, it is recommended to update the Call management app on your LG device.
- agent/author
- agent/type
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/event
- agent/tags
- agent/description
- agent/first-publish-date
- vendor/google
- canonical/google android
- version/google android/8.0
- version/google android/13.0
- vendor/lg
- canonical/lg v60 thin q 5g
Contact
SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.coBy using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203