Vulnerability cyber

Verizon

Apr 2, 2025 1 min read
Verizon

A vulnerability was found in Verizon's Call Filter feature, permitting customers to access call logs of other Verizon users due to an unsecured API request. Discovered by Evan Connelly in February 2025, it was addressed by Verizon within a month. The issue stemmed from an API endpoint that did not verify if the phone number in the JWT payload matched the number whose call logs were retrieved, thus allowing users to view others' call histories. This security lapse presented risks particularly to high-profile individuals, with the potential to map out their daily routines and personal networks through call metadata.

Source: https://www.bleepingcomputer.com/news/security/verizon-call-filter-api-flaw-exposed-customers-incoming-call-history/

"id": "ver203040225",
"linkid": "verizon",
"type": "Vulnerability",
"date": "4/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.