Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local malicious user to execute call function without CALL_PHONE permission.
samsung members