PT-2025-2998 · Unknown · Com.Glitter.Caller.Screen

Edward Warren · Published 2025-01-06 · Updated 2025-01-07 · CVE-2024-53931

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

com.glitter.caller.screen versions 1.1 and earlier

Description

The issue allows any application to place phone calls without user interaction by sending a crafted intent via the com.glitter.caller.screen.DialerActivity component. This enables unauthorized call execution.

Recommendations

For versions 1.1 and earlier, as a temporary workaround, consider disabling the com.glitter.caller.screen.DialerActivity component until a patch is available. Restrict access to the com.glitter.caller.screen application to minimize the risk of exploitation. Avoid using the com.glitter.caller.screen application for making phone calls until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Insecure Storage of Sensitive Information

Incorrect Permission

Weakness Enumeration

Related Identifiers

CVE-2024-53931

Affected Products

Com.Glitter.Caller.Screen