Android Framework PendingIntent Background Activity Launch Privilege Escalation Vulnerability
Vulnerability
A vulnerability in the Android framework's PendingIntent management allows applications to launch activities from the background, bypassing normal restrictions. This issue, identified as CVE-2025-26436, could lead to unauthorized privilege escalation without requiring additional execution rights or user interaction. The vulnerability is present in the Background Start Privileges management of the PendingIntentRecord class.
Impact
Exploitation of this vulnerability could result in unauthorized access to elevated privileges, allowing a user or application to perform actions or access resources that are normally restricted.
Reproduction
The vulnerability can be reproduced by creating a PendingIntent that launches an activity. This PendingIntent can then be triggered from the background, without user interaction, taking advantage of the cleared background activity start privileges. This can be done by sending a broadcast or using a service that invokes the PendingIntent.
Remediation
Users can update their devices to the May 2025 security patch level, which addresses this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.