Primary

Context

Android Framework ChooserActivity Local Privilege Escalation Vulnerability

Vulnerability

A vulnerability in the ChooserActivity component of the Android framework allows for local privilege escalation by improperly managing permissions related to user images. This issue arises from a confused deputy problem, where the application may inadvertently expose images from other users. Exploitation of this vulnerability does not require additional execution privileges or user interaction.

Impact

Exploitation of this vulnerability could lead to unauthorized access to other users' images, allowing for potential misuse or privacy violations.

Remediation

Users can update their devices to the April 2025 security patch level to address this vulnerability.

Added: Sep 2, 2025, 11:27 PM

Updated: Sep 2, 2025, 11:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.4

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.4

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Framework ChooserActivity Local Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating