Android Notification Permission Bypass Vulnerability Allowing Information Disclosure and Privilege Escalation

Vulnerability

A vulnerability in the 'hasImage' method of 'Notification.java' allows for information to be revealed across users, due to a permissions bypass. This issue could lead to a local escalation of privileges, without the need for additional execution rights. Exploitation does not require user interaction.

Impact

Exploitation of this vulnerability could result in unauthorized information disclosure between users and allow for local privilege escalation.

Added: Mar 2, 2026, 7:30 PM

Updated: Mar 2, 2026, 8:51 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Notification Permission Bypass Vulnerability Allowing Information Disclosure and Privilege Escalation

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating