Verizon Call Filter Vulnerability Exposed Millions of Americans' Call Records

News | By Daniel Michan | Published on April 6

Major security flaw allowed potential access to call metadata through iPhone app

In a concerning discovery that highlights ongoing mobile security challenges, a cybersecurity researcher has uncovered a significant vulnerability in Verizon's Call Filter application that could have compromised the call records of millions of customers.

Researcher Evan Connelly identified the security flaw in the iPhone application designed to help users identify and block spam calls. The vulnerability, reported to Verizon on February 22, exposed a critical authentication oversight that was subsequently patched by the third-party developer in mid-March.

Technical Details of the Vulnerability

The issue stemmed from a missing authorization check in the application's backend. When displaying a user's incoming call history, the app would make a server request containing the user's phone number and the desired timeframe for call records. The endpoint receiving these requests authenticated the caller but never verified that the phone number in the request actually belonged to the authenticated user.

This oversight created a scenario where an attacker could potentially submit requests with arbitrary phone numbers to obtain incoming call records for any Verizon customer.

According to Connelly's analysis, the exploitable data was limited to phone numbers and timestamps of incoming calls. However, he emphasized that this information could still pose significant privacy risks.
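To make the flaw concrete from a defender's side, the following is an added illustration written for this article; it is not code from Verizon, Cequint or the Call Filter app, and the endpoint names, the `Session` type, the in-memory record store and the sample log lines are all constructed. It shows a call-history lookup that trusts a client-supplied phone number beside a hardened version that binds the lookup to the identity in the validated session, plus a small audit routine that flags requests where the two disagree.

```python
"""Constructed example of the authorization pattern behind the Call Filter bug.

Not Verizon's or Cequint's code. Sample data and log format are invented for
this illustration; the record store stands in for whatever backend held the
real call metadata.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample data: subscriber number -> list of (caller, epoch timestamp).
CALL_RECORDS = {
    "+15550000001": [("+15550009999", 1700000000), ("+15550008888", 1700003600)],
    "+15550000002": [("+15550007777", 1700007200)],
}


@dataclass(frozen=True)
class Session:
    """What the backend knows after validating an auth token: the caller's own number."""
    subscriber_number: str


class Forbidden(Exception):
    """Raised when an authenticated caller asks for another subscriber's records."""


def _in_window(records, start: int, end: int) -> List[Tuple[str, int]]:
    return [r for r in records if start <= r[1] <= end]


def history_vulnerable(session: Optional[Session], requested_number: str,
                       start: int, end: int) -> List[Tuple[str, int]]:
    """Authentication only: any logged-in caller can read any number's history.

    This reproduces the defect described in the article: the phone number in
    the request is used directly as the lookup key.
    """
    if session is None:
        raise PermissionError("not authenticated")
    return _in_window(CALL_RECORDS.get(requested_number, []), start, end)


def history_hardened(session: Optional[Session], requested_number: str,
                     start: int, end: int) -> List[Tuple[str, int]]:
    """Authentication plus object-level authorization.

    The requested number must match the identity carried by the session; the
    client-supplied value is treated as a claim to be checked, never trusted.
    """
    if session is None:
        raise PermissionError("not authenticated")
    if requested_number != session.subscriber_number:
        raise Forbidden("requested number does not belong to the authenticated subscriber")
    # Look up by the session identity, so a future refactor cannot quietly
    # reintroduce the client-controlled key.
    return _in_window(CALL_RECORDS.get(session.subscriber_number, []), start, end)


def flag_cross_account_requests(log_lines: List[str]) -> List[Tuple[str, str]]:
    """Audit helper: return (token_subject, requested_number) pairs that differ.

    Assumes a constructed access-log format of space-separated key=value
    fields with 'sub=' (number from the validated token) and 'req=' (number in
    the request body). Any mismatch is evidence the endpoint was queried for
    someone else's records and is worth alerting on.
    """
    flagged = []
    for line in log_lines:
        fields = dict(f.split("=", 1) for f in line.split() if "=" in f)
        sub, req = fields.get("sub"), fields.get("req")
        if sub and req and sub != req:
            flagged.append((sub, req))
    return flagged


if __name__ == "__main__":
    attacker = Session("+15550000002")
    # Vulnerable endpoint hands over another subscriber's incoming calls.
    print(history_vulnerable(attacker, "+15550000001", 0, 2_000_000_000))
    # Hardened endpoint refuses the same request.
    try:
        history_hardened(attacker, "+15550000001", 0, 2_000_000_000)
    except Forbidden as exc:
        print("blocked:", exc)
```

The useful habit is the one in `history_hardened`: once the request is authenticated, derive the record key from the session rather than from the request body, and treat any body field that names an account as something to compare against the token, not something to query with. The audit routine is the cheap retroactive check for a fix like this, since a mismatch between token subject and requested number is exactly the signal a vulnerable endpoint would have left in its logs.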

Widespread Impact

"I believe this service may be on by default for many/all Verizon Wireless customers, so in either case, it does seem this issue impacted either nearly all, or all customers," Connelly noted in his blog post detailing the findings.

With Verizon serving over 140 million subscribers, the potential scope of the vulnerability is substantial. The company's response has not contested the researcher's assessment regarding the number of potentially affected users.

Privacy Implications

Despite the seemingly limited nature of the exposed data, Connelly warned about the serious privacy implications:

"Call metadata might seem harmless, but in the wrong hands, it becomes a powerful surveillance tool. With unrestricted access to another user's call history, an attacker could reconstruct daily routines, identify frequent contacts, and infer personal relationships," he explained.

The researcher further noted that "timestamps can be cross-referenced with social media or public sightings to map physical movements. Repeated numbers expose private or burner lines, compromising whistleblowers, journalists, or abuse survivors."

Verizon's Response

In their official statement, Verizon confirmed the issue had been resolved, noting that "while there was no indication that the flaw was exploited, the issue was resolved and only impacted iOS devices. Verizon appreciates the responsible disclosure of the finding by the researcher and takes the security very seriously."

The company also clarified that the Call Filter application is developed by a third party. Connelly's research identified this developer as Cequint, a company specializing in caller ID services.

This discovery follows Connelly's previous security work, which included identifying a vulnerability in Tesla's systems that could have enabled account takeovers of former employees.