Vulnerability Description
The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.full.dialer.top.secure.encrypted.activities.DialerActivity component.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fulldive | Full Dialer | 1.0.1 |
Related Weaknesses (CWE)
References
- https://github.com/actuator/com.full.dialer.top.secure.encryptedExploit
- https://github.com/actuator/com.full.dialer.top.secure.encrypted/blob/main/dial.Exploit
- https://github.com/actuator/com.full.dialer.top.secure.encrypted/blob/main/poc.aExploit
- https://github.com/actuator/cve/blob/main/CVE-2023-42469Third Party Advisory
- https://github.com/actuator/com.full.dialer.top.secure.encryptedExploit
- https://github.com/actuator/com.full.dialer.top.secure.encrypted/blob/main/dial.Exploit
- https://github.com/actuator/com.full.dialer.top.secure.encrypted/blob/main/poc.aExploit
- https://github.com/actuator/cve/blob/main/CVE-2023-42469Third Party Advisory
FAQ
What is CVE-2023-42469?
CVE-2023-42469 is a vulnerability with a CVSS score of 3.3 (LOW). The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafte...
How severe is CVE-2023-42469?
CVE-2023-42469 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-42469?
Check the references section above for vendor advisories and patch information. Affected products include: Fulldive Full Dialer.