Security Vulnerabilities - CVEs Published In July 2022
Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-07-12
A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations.
CVSS Score
6.2
EPSS Score
0.0
Published
2022-07-12
Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-07-12
Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.
CVSS Score
2.0
EPSS Score
0.0
Published
2022-07-12
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-07-12
Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service.
CVSS Score
5.1
EPSS Score
0.0
Published
2022-07-12
Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-07-12
Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.
CVSS Score
3.3
EPSS Score
0.0
Published
2022-07-12
Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.
CVSS Score
3.3
EPSS Score
0.0
Published
2022-07-12
Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
CVSS Score
2.0
EPSS Score
0.0
Published
2022-07-12