CVE-2024-53933

Name of the Vulnerable Software and Affected Versions com.callerscreen.colorphone.themes.callflash (also known as Color Call Theme & Call Screen) versions 1.0.7 and earlier

Description The issue allows any application to place phone calls without user interaction by sending a crafted intent via the com.android.call.color.app.activities.DialerActivity component. This enables unauthorized phone calls, potentially leading to security breaches.

Recommendations For versions 1.0.7 and earlier, as a temporary workaround, consider disabling the com.android.call.color.app.activities.DialerActivity component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.