Skip to main content

CWE-927

Use of Implicit Intent for Sensitive Communication

11 CVEs Avg CVSS 5.2 MITRE
0
CRITICAL
2
HIGH
6
MEDIUM
3
LOW
0
POC
0
KEV

Monthly

CVE-2025-48558 HIGH PATCH This Week

In multiple functions of BatteryService.java, there is a possible way to hijack implicit intent intended for system app due to Implicit intent hijacking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-3480 LOW Monitor

An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
2.8
EPSS
0.1%
CVE-2024-3108 MEDIUM This Month

An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-44127 MEDIUM This Month

he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-44124 LOW Monitor

The vulnerability is to theft of arbitrary files with system privilege in the Screen recording ("com.lge.gametools.gamerecorder") app in the. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-44122 HIGH This Week

The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-31014 MEDIUM This Month

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Google RCE Information Disclosure +1
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2022-36830 MEDIUM This Month

PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Charm Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-36829 MEDIUM This Month

PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Charm Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-33734 MEDIUM This Month

Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Charm
NVD
CVSS 3.1
5.5
EPSS
0.2%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In multiple functions of BatteryService.java, there is a possible way to hijack implicit intent intended for system app due to Implicit intent hijacking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Android Google
NVD
EPSS 0% CVSS 2.8
LOW Monitor

An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The vulnerability is to theft of arbitrary files with system privilege in the Screen recording ("com.lge.gametools.gamerecorder") app in the. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Google +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Charm Firmware
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Charm Firmware
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Charm
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy