CVE-2017-2694

Name of the Vulnerable Software and Affected Versions HwVmall versions prior to 1.5.2.0

Description The issue concerns the AlarmService component, which lacks control over calling permissions in affected versions. This allows any third-party application to call the component, potentially leading to the sudden playback of alert music and compromising the user experience.

Recommendations For versions prior to 1.5.2.0, update to version 1.5.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the AlarmService component to minimize the risk of exploitation.