A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS messages on behalf of the user. Dubbed CVE-2025-12080, the issue stems from improper handling of ACTION_SENDTO intents using URI schemes like sms:, smsto:, mms:, and mmsto:. This misconfiguration bypasses user confirmation and permission checks, enabling
The post Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User appeared first on Cyber Security News. Read More
Posted inNews