Summary: A vulnerability in the Verizon Call Filter application could have been exploited to access the call records of millions of American users. Discovered by cybersecurity researcher Evan Connelly, the flaw allowed attackers to potentially retrieve call metadata by exploiting a lack of verification on user phone numbers. Verizon has since patched the issue, which primarily affected iOS devices.
Affected: Verizon Call Filter Application
Keypoints :
- The vulnerability allowed requests for incoming call records without verifying if the phone number belonged to the user.
- Cybersecurity researcher Evan Connelly reported the issue on February 22, and it was patched by mid-March.
- The flaw could affect nearly all of Verizonβs 140 million subscribers if the service is enabled by default.
- Call metadata could be exploited for surveillance, revealing personal routines and contact relationships.
- The vulnerability was resolved without any indication of exploitation, with Verizon emphasizing its commitment to security.
Source: https://www.securityweek.com/call-records-of-millions-exposed-by-verizon-app-vulnerability/