CVE-2025-43976 | THREATINT

Description

The com.enflick.android.tn2ndLine application through 24.17.1.0 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.enflick.android.TextNow.activities.DialerActivity component.

PUBLISHED Reserved 2025-04-21 | Published 2025-07-21 | Updated 2025-07-22 | Assigner mitre

References

play.google.com/.../details?id=com.enflick.android.tn2ndLine

github.com/actuator/com.enflick.android.tn2ndLine

github.com/...ick.android.tn2ndLine/blob/main/CVE-2025-43976

cve.org (CVE-2025-43976)

nvd.nist.gov (CVE-2025-43976)

Download JSON