Vulnerabilities > CVE-2023-44127 - Unspecified vulnerability in Google Android

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

google

NVD

Published: 2023-09-27

Updated: 2023-10-02

Summary

he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as contact details and phone numbers.

Vulnerable Configurations

Part	Description	Count
OS	Google Google Android 8.0 Google Android 8.1 Google Android 9.0 Google Android 10.0 Google Android 11.0 Google Android 12.0 Google Android 12.0L Google Android 12.1 Google Android 12L Google Android 13.0	14
Hardware	Lg LG V60 Thin Q 5G -	1

References

https://lgsecurity.lge.com/bulletins/mobile#updateDetails