Security Vulnerabilities
Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-09-03
Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-09-03
Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-09-03
Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-09-03
Improper Access Control vulnerability in Galaxy Store prior to version 4.5.53.6 allows local attacker to access protected data using exported service.
CVSS Score
6.4
EPSS Score
0.0
Published
2025-09-03
Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-09-03
Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.
CVSS Score
8.5
EPSS Score
0.0
Published
2025-09-03
Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
CVSS Score
6.0
EPSS Score
0.0
Published
2025-09-03
Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-09-03
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-09-03