| Title | Freedom Factory dGEN1 phone 1 Broken Authorization |
|---|
| Description | The com.dgen.alarm application on the Freedom Factory dGEN1 phone contains a broken authorization vulnerability in an exported BroadcastReceiver (StopReceiver). The receiver allows any local application to silently cancel active alarms, dismiss alarm notifications, and remove scheduled alarms without user interaction.
As a result, a malicious application can disable alarms entirely, potentially causing users to miss critical alerts or reminders. |
|---|
| Source | ⚠️ https://gist.github.com/Lytes/2bd9cb3faf89b114754f00292beabb38 |
|---|
| User | Anonymous User |
|---|
| Submission | 02/21/2026 06:00 (2 months ago) |
|---|
| Moderation | 03/06/2026 21:53 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 349557 [Freedom Factory dGEN1 up to 20260221 com.dgen.alarm AlarmService improper authorization] |
|---|
| Points | 20 |
|---|