CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-53936: The com.asianmobile.callcolor (aka Color Phone Call Screen App) application through 24 for Android enables any application (with no permissions) to...

Description

The com.asianmobile.callcolor (aka Color Phone Call Screen App) application through 24 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.asianmobile.callcolor.ui.component.call.CallActivity component.

Classification

CVE ID: CVE-2024-53936

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.48% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://github.com/actuator/com.asianmobile.callcolor
https://github.com/actuator/com.asianmobile.callcolor/blob/main/CVE-2024-53936

Timeline

2025-01-07 00:30:37 UTC
CVE

The com.asianmobile.callcolor (aka Color Phone Call Screen App) application through 24 for Android enables any application (with no permissions) to...