Known Vulnerabilities
CVE-2022-22292
Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity.
HIGH
CVSS 7.1
Published Feb 11, 2022
CVE-2022-22291
Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device.
MEDIUM
CVSS 5.5
Published Feb 11, 2022
CVE-2022-22272
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission
MEDIUM
CVSS 4.0
Published Jan 07, 2022
CVE-2022-22264
Improper sanitization of incoming intent in Dressroom prior to SMR Jan-2022 Release 1 allows local attackers to read and write arbitrary files without permission.
HIGH
CVSS 7.7
Published Jan 07, 2022