Android Device Policy Manager Service Denial-of-Service Vulnerability Allowing Local Privilege Escalation

Vulnerability

A denial-of-service vulnerability has been identified in the Device Policy Manager Service of Android. This issue arises from a logic error in the code, which can disrupt a device administrator's functions. Exploitation of this vulnerability could lead to unauthorized elevation of privileges, allowing a user to gain higher access rights without needing additional execution privileges or user interaction.

Impact

Exploitation of this vulnerability could cause a denial-of-service condition for a device administrator, potentially disrupting management functions and causing administrative tasks to fail.

Remediation

Users can update their devices to the September 2025 security patch level to address this vulnerability.
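To verify the remediation across devices, the following added example (not part of the original advisory) classifies Android security patch levels read from the ro.build.version.security_patch property. The advisory only says "September 2025", so the 2025-09-01 threshold, the REQUIRED_SPL variable, the function names and the sample inventory are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit Android security patch levels (SPL).
# Assumption: 2025-09-01 is the minimum level; the advisory says only "September 2025".
REQUIRED_SPL="${REQUIRED_SPL:-2025-09-01}"

# classify_spl <patch-level>: prints PATCHED, VULNERABLE or UNKNOWN.
classify_spl() {
    spl=$(printf '%s' "$1" | tr -d '\r ')   # adb output often ends in a CR
    case "$spl" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return 0 ;;        # empty or malformed property value
    esac
    # ISO dates sort lexicographically, so the smaller string is the older level.
    lowest=$(printf '%s\n%s\n' "$spl" "$REQUIRED_SPL" | sort | head -n 1)
    if [ "$lowest" = "$REQUIRED_SPL" ]; then echo PATCHED; else echo VULNERABLE; fi
}

# audit_inventory: reads "<serial> <patch-level>" lines on stdin,
# prints "<serial> <status>" for each device.
audit_inventory() {
    while read -r serial spl; do
        [ -n "$serial" ] || continue
        echo "$serial $(classify_spl "$spl")"
    done
}

# audit_connected: same check for devices attached over adb (needs adb on PATH).
audit_connected() {
    adb devices | awk 'NR>1 && $2=="device" {print $1}' | while read -r serial; do
        echo "$serial $(adb -s "$serial" shell getprop ro.build.version.security_patch </dev/null)"
    done | audit_inventory
}

# Constructed sample inventory; serials and levels are made up for illustration.
sample_inventory() {
    cat <<'EOF'
emulator-5554 2025-09-05
R58M00CONSTR1 2025-08-05
R58M00CONSTR2 2025-09-01
LEGACY0000001
EOF
}

sample_inventory | audit_inventory
```

Devices reported as UNKNOWN returned no parseable patch level and should be checked by hand rather than assumed patched.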

Added: Sep 4, 2025, 8:07 PM
Updated: Sep 4, 2025, 8:07 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.4
threat: 3.2
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.