CVE-2024-37575
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-37575 is a vulnerability affecting the Mister org.mistergroup.shouldianswer application version 1.4.264 for Android. This issue allows any installed app, without requiring user-granted permissions, to initiate phone calls silently by sending a crafted intent to the DefaultDialerActivity component of the aforementioned application. This vulnerability poses a significant security risk, as unauthorized calls could lead to financial losses, privacy concerns, and potential phishing attacks. Users are strongly encouraged to update their Mister app to the latest version to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.