CVE-2025-20893

Name of the Vulnerable Software and Affected Versions NotificationManager versions prior to SMR Jan-2025 Release 1

Description The issue is related to improper access control in the NotificationManager, which allows local attackers to change the notification configuration. This can be exploited by attackers to modify settings without proper authorization.

Recommendations For versions prior to SMR Jan-2025 Release 1, consider restricting access to the NotificationManager until a patch is available. As a temporary workaround, limit the ability of local attackers to change notification settings by implementing additional access controls or configuration changes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.