Android Permission Bypass Vulnerability in ParsedPermissionUtils.java Allowing Privilege Escalation

Vulnerability

A vulnerability has been identified in the Android permission handling process, specifically within the 'parsePermissionGroup' function of 'ParsedPermissionUtils.java'. This issue allows for a bypass of the consent dialog required to obtain certain permissions. As a result, it could lead to unauthorized elevation of privileges on the device. Notably, this vulnerability does not require any additional execution privileges to exploit, and user interaction is not necessary.

Impact

Exploitation of this vulnerability could result in unauthorized access to elevated privileges, allowing a user or application to perform actions or access resources that are normally restricted.

Added: Mar 2, 2026, 7:31 PM

Updated: Mar 2, 2026, 10:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Permission Bypass Vulnerability in ParsedPermissionUtils.java Allowing Privilege Escalation

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating