Android Notification Access Logic Error Vulnerability in Settings App
Vulnerability
A logic error in the NotificationAccessConfirmationActivity of the Android Settings app can lead to unauthorized notification access above the lock screen. This vulnerability allows for local privilege escalation without requiring additional execution privileges. Exploitation of this issue does require user interaction.
Impact
Exploitation of this vulnerability could result in unauthorized notification access, allowing potentially sensitive information to be viewed or managed without proper authorization.
Remediation
Users can update their devices to the April 2025 security patch level to address this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.