Vulnerability Details CVE-2025-43977
The com.skt.prod.dialer application through 12.5.0 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.skt.prod.dialer.activities.outgoingcall.OutgoingCallInternalBroadcaster component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.7%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2025-43977
-
cpe:2.3:a:sktelecom:com.skt.prod.dialer:12.5.0