CVE-2020-5753

Summary

Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.

Affected Software

VendorProductVersion RangeStatus
n/aSignal Private MessengerAndroid versions v4.59.0 and up, iOS versions v3.8.1.5 and upaffected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References