Contact Group Information Exposure Vulnerability in Phone App

Contact Group Information Exposure Vulnerability in Phone App

CVE-2022-39895 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.

Learn more about our Contact.