Primary

Context

Samsung AODService Improper Component Export Vulnerability Allowing Activity Launch with SystemUI Privilege

Vulnerability

A vulnerability exists in the AODService component of Samsung Android applications, prior to version 8.8.28.12. This vulnerability allows local attackers to improperly export application components, enabling them to launch arbitrary activities with SystemUI privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized activities being performed with elevated SystemUI privileges, potentially allowing for manipulation of system user interface elements or behaviors.

Remediation

Users can update to version 8.8.28.12 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung AODService Improper Component Export Vulnerability Allowing Activity Launch with SystemUI Privilege

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating