Platform Packages Apps Dialer vulnerabilities
3 known vulnerabilities affecting platform/packages_apps_dialer.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
UNKNOWN3
Vulnerabilities
Page 1 of 1
CVE-2022-20134UNKNOWN≥ 12L-next:0, < 12L-next:2022-06-01≥ 10:0, < 10:2022-06-01+3 more2022-06-01
CVE-2022-20134 CVE-2022-20134: In readArguments of CallSubjectDialog
In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2021-39621UNKNOWN≥ 9:0, < 9:2022-01-01≥ 10:0, < 10:2022-01-01+2 more2022-01-01
CVE-2021-39621 CVE-2021-39621: In sendLegacyVoicemailNotification of LegacyModeSmsHandler
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2021-39627UNKNOWN≥ 9:0, < 9:2022-01-01≥ 10:0, < 10:2022-01-01+2 more2022-01-01
CVE-2021-39627 CVE-2021-39627: In sendLegacyVoicemailNotification of LegacyModeSmsHandler
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
osv