CVE-2024-53934

CVSS 3.1 Score 7.7 of 10 (high)

Details

Published Jan 6, 2025

Updated: Jan 8, 2025

CWE ID 281

Summary

CVE-2024-53934 is a vulnerability affecting the com.windymob.callscreen.ringtone.callcolor.colorphone app for Android. This issue allows any application to place phone calls without user interaction. The vulnerability is caused by a flaw in the com.frovis.androidbase.call.DialerActivity component, which can be exploited through a specially crafted intent. An attacker could potentially use this vulnerability to make unauthorized calls, posing a significant risk to user privacy and security. Users are advised to update the affected app to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/04w5FY
https://www.cve.org/CVERecord?id=CVE-2024-53934
https://nvd.nist.gov/vuln/detail/CVE-2024-53934

Back to Vulnerability Database

CVE-2024-53934

CVSS 3.1 Score 7.7 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations