CVE-2015-9064

Name of the Vulnerable Software and Affected Versions Android CAF-сборки (affected versions not specified)

Description The issue is related to insufficient access control in the Android CAF build, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. This occurs when the UE component sends IMEI or IMEISV identifiers to the network in response to a network request before NAS security has been activated.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.