Android Activity Manager Service Privilege Escalation Vulnerability

Vulnerability

A vulnerability in the Activity Manager Service's 'dumpBitmapsProto' function allows apps to access private information due to a lack of proper permission checks. This issue could lead to local privilege escalation, with no additional execution privileges required. Exploitation does not need user interaction.

Impact

Exploitation of this vulnerability could result in unauthorized access to private information and allow for local privilege escalation.

Added: Mar 2, 2026, 7:21 PM

Updated: Mar 2, 2026, 8:45 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Activity Manager Service Privilege Escalation Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating