Primary

Context

Android Telephony Services Tapjacking Vulnerability Leading to Privilege Escalation

Vulnerability

A tapjacking vulnerability has been identified in multiple components of the Android Telephony services, allowing for misleading user interactions that could enable malicious call forwarding. This issue could result in a local escalation of privileges, requiring user execution rights for exploitation.

Impact

Exploitation of this vulnerability could lead to unauthorized call forwarding, potentially allowing for interception of calls or manipulation of call-related features.

Remediation

Users can update their devices to the April 2025 security patch level to address this vulnerability.

Added: Sep 2, 2025, 11:43 PM

Updated: Sep 2, 2025, 11:43 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.7

remediation

0.0

relevance

0.4

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.7

remediation

0.0

relevance

0.4

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Telephony Services Tapjacking Vulnerability Leading to Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating