Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imei vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-38297
An issue exists in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3'...
NA
CVE-2023-38298
Various software builds for the following TCL devices (30Z, A3X, 20XE, 10L) leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-...
NA
CVE-2023-38299
Various software builds for the AT&T Calypso, Nokia C100, Nokia C200, and BLU View 3 devices leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from di...
NA
CVE-2023-38300
A certain software build for the Orbic Maui device (Orbic/RC545L/RC545L:10/ORB545L_V1.4.2_BVZPP/230106:user/release-keys) leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google re...
NA
CVE-2024-2566
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240313. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file api/client/get_extension_yl.php. The manipulation of the argument imei ...
NA
CVE-2023-46723
lte-pic32-writer is a writer for PIC32 devices. In versions 0.0.1 and prior, those who use `sendto.txt` are vulnerable to attackers who known the IMEI reading the sendto.txt. The sendto.txt file can contain the SNS(such as slack and zulip) URL and API key. As of time of publicati...
Pajip Lte-pic32-writer
NA
CVE-2022-39902
Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote malicious user to get sensitive information including IMEI via emergency call.
Samsung Exynos Firmware -
NA
CVE-2022-39876
Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder before 8.2.01.13 allows malicious user to access device IMEI.
Samsung Reminder
NA
CVE-2022-36874
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin before 2.2.11.22040751 allows malicious user to access device IMEI and Serial number.
Samsung Galaxy Watch Plugin
NA
CVE-2022-36878
Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local malicious user to access IMEI via log.
Samsung Find My Mobile
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »