Primary

Context

Android Framework Header Privacy Icons Controller Elevation of Privilege Vulnerability

Vulnerability

A logic error in the HeaderPrivacyIconsController.kt file of the Android Framework allows for the unauthorized granting of permissions between users. This vulnerability could lead to local elevation of privilege, requiring no additional execution privileges or user interaction for exploitation. The issue affects Android versions 13, 14, 15, and 16.

Impact

Exploitation of this vulnerability could result in unauthorized permission grants between users, allowing for elevated privileges.

Remediation

Users can update their devices to the December 2025 security patch level to address this vulnerability.

Added: Dec 8, 2025, 5:49 PM

Updated: Dec 8, 2025, 9:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

1.4

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

1.4

threat

3.2

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Framework Header Privacy Icons Controller Elevation of Privilege Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating