Android Telephony Contacts Leak Vulnerability in Work Profile Allowing Privilege Escalation
Vulnerability
A vulnerability has been identified in the Android Telephony service, specifically within the 'onActivityResult' method of the 'EditFdnContactScreen' component. This issue arises from a confused deputy problem, which creates a potential for leaking contacts from the work profile. Exploitation of this vulnerability could lead to unauthorized access to sensitive contact information, allowing for local escalation of privileges without the need for additional execution rights or user interaction.
Impact
Exploitation of this vulnerability could result in unauthorized access to contacts from the work profile, leading to a local escalation of privileges.
Reproduction
To reproduce this vulnerability, sign into a personal account and create a PIN for that account. Then, set up a work profile and add a work profile contact. Afterward, open the proof-of-concept application that exploits this vulnerability.
Remediation
Users can update their devices to the December 2025 security patch level to address this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.