VDB
CESS-2025-22427
CESS-2025-22427
PUBLISHED
CVSS 7.3 HIGH
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Risk Scores
CVSS 3.1
7.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Timeline
- Sep 2, 2025 CVE Published