VulnerAlert



ANDROID
04-09-2025 21:11

CVE-2025-26425 Vulnerabilidad documentada

4.0 MEDIUM
Tags
#android
#exploit
#where
#java
#add
#vulnerability
#application
#privilege
#execution
#error
Descripción
In multiple functions of RoleService.java, there is a possible permission squatting vulnerability due to logic error in the code. This could lead local escalation privilege on versions Android where android.permission.MANAGE_DEFAULT_APPLICATIONS was not defined with no additional execution privileges needed. User interaction needed for exploitation.
https://android.googlesource.com/platform/packages/modules/Permission/+/850ce9ea3ac72540ce310722633d9c893a32dfdd
https://source.android.com/security/bulletin/2025-05-01
Referencia
Link externo
Ver detalles

Fuente
https://nvd.nist.gov/vuln/detail/CVE-2025-26425
Resultados similares
Coincidentes en almenos en 50% de los tags
08-09-2025 CVE-2025-9677
A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. The affected ele...
Ver información
04-09-2025 CVE-2025-48551
In multiple locations, there is a possible leak of an image across the Android User isolation b...
Ver información
Icons made by Freepik from www.flaticon.com
Este Proyecto fue cofinanciado por el Consejo Nacional de Ciencia y Tecnología (CONACYT) a través del PROINNOVA 2021/2023
Proyecto realizado por