CVE-2024-53935
📋 TL;DR
This vulnerability allows any Android application without permissions to place phone calls without user interaction by sending a crafted intent to the DialerActivity component of the iCall OS17 - Color Phone Flash app. It affects all Android users who have installed version 4.3 or earlier of this application. The exploit requires no user interaction and can be triggered by any malicious app on the same device.
💻 Affected Systems
- iCall OS17 - Color Phone Flash (com.callos14.callscreen.colorphone)
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
A malicious app could place premium-rate calls, international calls, or calls to emergency services without the user's knowledge, resulting in financial loss, service disruption, or legal consequences.
Likely Case
Malware could place unauthorized calls to premium numbers for financial gain, or make harassing calls while appearing to come from the victim's device.
If Mitigated
With proper app sandboxing and intent filtering, the impact would be limited to apps that can bypass Android's permission system, which is rare in properly configured environments.
🎯 Exploit Status
Exploit code is publicly available on GitHub. The vulnerability requires no authentication and minimal technical skill to exploit.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None known
Restart Required: No
Instructions:
1. Check Google Play Store for app updates.
2. If no update is available, uninstall the application.
3. Consider using alternative dialer applications from trusted developers.
🔧 Temporary Workarounds
Uninstall vulnerable application
Platform: Android
Remove the iCall OS17 - Color Phone Flash app from all Android devices
adb uninstall com.callos14.callscreen.colorphone
Disable app via Android settings
Platform: Android
Disable the application through Android's application settings to prevent it from receiving intents
🧯 If You Can't Patch
- Implement Mobile Device Management (MDM) policies to block installation of this application
- Use Android's App Ops or similar permission managers to restrict the app's ability to make calls
🔍 How to Verify
Check if Vulnerable:
Check if com.callos14.callscreen.colorphone is installed and its version is 4.3 or earlier via: Settings > Apps > iCall OS17 - Color Phone Flash
Check Version:
adb shell dumpsys package com.callos14.callscreen.colorphone | grep versionName
Verify Fix Applied:
Verify the app is either updated to a version above 4.3 or completely removed from the device
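The check above can be scripted so it parses the versionName line that the dumpsys command prints and compares it against the "4.3 or earlier" rule stated on this page. The script below is an added example, not part of the advisory or the app vendor's tooling; the dumpsys excerpt it runs on by default is constructed for illustration, the `pm list packages` step is a plain adb command, and passing `--live` is the only assumption about how a connected device is queried.

```shell
#!/bin/sh
# Added example, not part of the advisory: checks whether the package named
# on this page is installed and whether its versionName falls in the range
# the advisory gives as affected (4.3 or earlier). The dumpsys parsing runs
# offline on a constructed sample; pass --live to query a connected device
# with adb instead.
PKG="com.callos14.callscreen.colorphone"
LAST_AFFECTED="4.3"   # from the advisory: 4.3 and earlier are affected

# Constructed dumpsys excerpt (not captured from a real device), shaped like
# the "versionName=" line the advisory's grep command looks for.
SAMPLE_DUMPSYS='Package [com.callos14.callscreen.colorphone] (3f2a1c9):
    userId=10123
    versionCode=43 minSdk=21 targetSdk=33
    versionName=4.3
    flags=[ HAS_CODE ALLOW_CLEAR_USER_DATA ALLOW_BACKUP ]'

# Print the first versionName value found in dumpsys output read from stdin.
extract_version_name() {
    sed -n 's/^[[:space:]]*versionName=\([^[:space:]]*\).*/\1/p' | head -n 1
}

# Numeric, component-wise comparison of two dotted versions.
# Prints -1, 0 or 1 for a<b, a=b, a>b; "4.10" correctly sorts after "4.3".
version_cmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, pa, "."); nb = split(b, pb, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? pa[i] + 0 : 0
            y = (i <= nb) ? pb[i] + 0 : 0
            if (x < y) { print "-1"; exit }
            if (x > y) { print "1"; exit }
        }
        print "0"
    }'
}

# True (exit 0) when the version is within the affected range.
is_affected_version() {
    [ "$(version_cmp "$1" "$LAST_AFFECTED")" -le 0 ]
}

# Classify a dumpsys dump passed as the first argument:
# "not-installed", "affected <v>" or "not-affected <v>".
classify_dumpsys() {
    v=$(printf '%s\n' "$1" | extract_version_name)
    if [ -z "$v" ]; then
        echo "not-installed"
    elif is_affected_version "$v"; then
        echo "affected $v"
    else
        echo "not-affected $v"
    fi
}

if [ "${1:-}" = "--live" ]; then
    # Live check: pm list packages confirms installation, dumpsys gives the
    # version. tr strips the CR that older adb builds append to each line.
    if adb shell pm list packages 2>/dev/null | tr -d '\r' | grep -qx "package:$PKG"; then
        classify_dumpsys "$(adb shell dumpsys package "$PKG" 2>/dev/null | tr -d '\r')"
    else
        echo "not-installed"
    fi
else
    classify_dumpsys "$SAMPLE_DUMPSYS"
fi
```

A component-wise comparison is used deliberately: a plain string or `sort` comparison would rank a hypothetical 4.10 below 4.3 and report a fixed build as affected.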
📡 Detection & Monitoring
Log Indicators:
- Unexpected call logs from the iCall app
- Multiple failed call attempts from the same app
- Intents sent to com.callos14.callscreen.colorphone.DialerActivity
Network Indicators:
- Unexpected outgoing calls from devices with the app installed
- Calls to premium rate numbers from user devices
SIEM Query:
source="android_logs" AND (app="com.callos14.callscreen.colorphone" AND action="call_initiated")
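The three log indicators and the SIEM query above can be exercised offline before they are deployed. The script below is an added example, not the advisory's own tooling: it assumes key=value log records with the fields the SIEM query names (app, action) plus device, ts and component, and the sample records are constructed, not real telemetry. It matches the package name exactly rather than by substring, so a sibling package with a longer name does not produce false positives.

```shell
#!/bin/sh
# Added example, not part of the advisory: runs the page's detection logic
# over key=value log records. The record layout (ts=, device=, app=, action=,
# component=) is an assumption chosen to match the fields the advisory's SIEM
# query references; adapt the field names to your own log pipeline.
PKG="com.callos14.callscreen.colorphone"
DIALER="com.callos14.callscreen.colorphone.DialerActivity"

# Constructed sample records (not real telemetry). For intent_sent records,
# app= is the sender and component= the target.
SAMPLE_LOGS='ts=2024-12-01T10:00:01Z device=dev01 app=com.callos14.callscreen.colorphone action=call_initiated
ts=2024-12-01T10:00:02Z device=dev01 app=com.android.dialer action=call_initiated
ts=2024-12-01T10:00:03Z device=dev02 app=com.example.unknown action=intent_sent component=com.callos14.callscreen.colorphone.DialerActivity
ts=2024-12-01T10:00:04Z device=dev02 app=com.callos14.callscreen.colorphone action=call_initiated
ts=2024-12-01T10:00:05Z device=dev02 app=com.callos14.callscreen.colorphone action=call_initiated
ts=2024-12-01T10:00:06Z device=dev02 app=com.callos14.callscreen.colorphone action=call_failed
ts=2024-12-01T10:00:07Z device=dev03 app=com.callos14.callscreen.colorphone action=intent_sent component=com.callos14.callscreen.colorphone.DialerActivity'

# Shared awk prologue: parse the "key=value" tokens of one record into kv[].
KV_PARSE='{ split("", kv); for (i = 1; i <= NF; i++) { n = index($i, "="); if (n > 0) kv[substr($i, 1, n - 1)] = substr($i, n + 1) } }'

# Equivalent of the advisory SIEM query: records whose app is exactly PKG
# and whose action is call_initiated. Prints the count.
count_call_initiated() {
    awk -v pkg="$PKG" "$KV_PARSE"'
    kv["app"] == pkg && kv["action"] == "call_initiated" { c++ }
    END { print c + 0 }'
}

# Intents delivered to DialerActivity by a sender other than the app itself,
# the cross-app trigger the advisory describes. Prints "device ts sender".
list_external_dialer_intents() {
    awk -v pkg="$PKG" -v comp="$DIALER" "$KV_PARSE"'
    kv["component"] == comp && kv["app"] != pkg { print kv["device"], kv["ts"], kv["app"] }'
}

# Devices with at least N call_initiated records attributed to the app,
# printed as "device count", sorted by device name.
devices_with_calls_at_least() {
    awk -v pkg="$PKG" -v th="$1" "$KV_PARSE"'
    kv["app"] == pkg && kv["action"] == "call_initiated" { c[kv["device"]]++ }
    END { for (d in c) if (c[d] >= th) print d, c[d] }' | sort
}

# Stand-alone demo over the constructed sample.
printf '%s\n' "$SAMPLE_LOGS" | count_call_initiated
printf '%s\n' "$SAMPLE_LOGS" | list_external_dialer_intents
printf '%s\n' "$SAMPLE_LOGS" | devices_with_calls_at_least 2
```

To run the functions over real exports, replace the `printf` of the sample with `cat` of the log file; the per-device threshold is the knob for the "multiple attempts from the same app" indicator.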