VDB

ASB-A-404254549

ASB-A-404254549 PUBLISHED

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Products

VendorProductVersions
platformframeworks/opt/telephony16-qpr2-next:0, 16-qpr2-next, 15:0

Timeline

  • Dec 1, 2025 CVE Published
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›