5
CVSSv2

CVE-2019-17191

Published: 05/10/2019 Updated: 11/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The Signal Private Messenger application prior to 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping.

Vulnerability Trend