CVE-2021-39635

ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify the caller's permissions?so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634
References
Configurations

Configuration 1 (hide)

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

History

15 Feb 2022, 18:07

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 9.4
v3 : 9.1
First Time Google
Google android
CWE CWE-276
CPE cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
References (MISC) https://source.android.com/security/bulletin/2022-02-01 - (MISC) https://source.android.com/security/bulletin/2022-02-01 - Vendor Advisory

11 Feb 2022, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-02-11 18:15

Updated : 2023-01-25 01:57


NVD link : CVE-2021-39635

Mitre link : CVE-2021-39635


JSON object : View

Products Affected

google

  • android
CWE
CWE-276

Incorrect Default Permissions