The bug allowed unauthorized users to query the app's backend server and retrieve the call history for any Verizon number. As Connelly explained in his blog, the app's server failed to verify that ...

With unrestricted access to another user's call history, an attacker could reconstruct daily routines, identify frequent contacts, and infer personal relationships," Connelly said. Verizon addressed ...

However, the total period of exposure is unknown ... the X-Ceq-MDN header value with another Verizon phone to retrieve their incoming call history. This flaw is particularly sensitive for high ...

With unrestricted access to another user's call history, an attacker could reconstruct daily routines, identify frequent contacts, and infer personal relationships," Connelly said. Verizon ...