Summary: A security vulnerability in the Verizon Call Filter iOS app put customers’ call history logs at risk by allowing unauthorized access. Attackers could retrieve call logs by modifying a phone number in a network request sent by the app. This failure to validate user information raises significant privacy and safety concerns, particularly for vulnerable individuals.
Affected: Verizon Wireless customers using the Call Filter app
Keypoints :
- Vulnerability enabled unauthorized access to call history logs of any Verizon number.
- The app sent requests without validating the authenticity of the phone number in the request.
- Concerns over privacy were highlighted for high-risk individuals such as abuse survivors and law enforcement.
- The flaw was linked to a server potentially owned by Cequint, raising questions about data security practices.
- Verizon confirmed that the vulnerability has been resolved.
Source: https://securityonline.info/verizon-call-filter-app-vulnerability-exposed-call-records-of-millions/