SKTelecom com.skt.prod.dialer Phone Call Bypass Vulnerability

Vulnerability

A vulnerability in the com.skt.prod.dialer application for Android, affecting versions through 12.5.0, allows any installed application to make phone calls without user interaction. This is achieved by sending a crafted intent through the com.skt.prod.dialer.activities.outgoingcall.OutgoingCallInternalBroadcaster component. The vulnerability does not require any special permissions.

Impact

Exploitation of this vulnerability enables unauthorized phone calls to be made from the affected device, without the user's consent or knowledge.

Added: Jul 21, 2025, 3:57 PM

Updated: Jul 21, 2025, 3:57 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SKTelecom com.skt.prod.dialer Phone Call Bypass Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating