Primary

Context

Android Factory Reset Trigger Vulnerability in Settings App

Vulnerability

A logic error in the onClick method of MainClear.java in the Android Settings application creates a vulnerability that allows a factory reset to be triggered without explicit user consent. This issue could lead to a local denial-of-service condition, as it requires no additional execution privileges and does not involve user interaction for exploitation.

Impact

Exploitation of this vulnerability causes a local denial-of-service condition by triggering a factory reset, which can disrupt device functionality and lead to data loss.

Remediation

Users can update their devices to the January 2025 security patch level to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Factory Reset Trigger Vulnerability in Settings App

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating