A critical vulnerability in the Verizon Call Filter iOS app was disclosed, affecting potentially millions of customers by exposing incoming call records without authorization. This breach allowed access to call logs, compromising user privacy, and entailed significant risks for vulnerable individuals such as survivors of domestic abuse and public figures. The vulnerability arose from improper authentication checks in a backend API endpoint, enabling data retrieval for non-associated Verizon numbers. The exposure did not include the content of the conversations but revealed sensitive communication metadata, posing risks of privacy invasion and potential physical threat to affected individuals.
Source: https://cybersecuritynews.com/verizon-call-filter-app-vulnerability/
"id": "awi932040325",
"linkid": "awireless",
"type": "Vulnerability",
"date": "4/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"