CVE-2025-0087
published 2025-09-04CVE-2025-0087: In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. This could lead to…
medium5.1CVSS 3.1
AVLACLPRNUINSUCLINAL
In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | frameworks_base | >= 13:0 < 13:2025-05-01 | 13:2025-05-01 |
| platform | frameworks_base | >= 14:0 < 14:2025-05-01 | 14:2025-05-01 |
| platform | frameworks_base | >= 15-next:0 < 15-next:2025-05-01 | 15-next:2025-05-01 |
| platform | frameworks_base | >= 15:0 < 15:2025-05-01 | 15:2025-05-01 |
Android
CVE-2025-0087: Android Security Bulletin 2025-05-01
CVE: CVE-2025-0087
Severity: HIGH
Type: EoP
Affected AOSP versions: 13, 14, 15
References: A-333681693
vendor_android·2025-05-01·CVSS 5.1
CVE-2025-0087 [MEDIUM] CVE-2025-0087: Android Security Bulletin 2025-05-01
CVE: CVE-2025-0087
Severity: HIGH
Type: EoP
Affected AOSP versions: 13, 14, 15
References: A-333681693
Android Security Bulletin 2025-05-01
CVE: CVE-2025-0087
Severity: HIGH
Type: EoP
Affected AOSP versions: 13, 14, 15
References: A-333681693
GHSA
GHSA-522x-rr99-4x65: In onCreate of UninstallerActivity
ghsa_unreviewed·2025-09-04
CVE-2025-0087 [MEDIUM] CWE-689 GHSA-522x-rr99-4x65: In onCreate of UninstallerActivity
In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
OSV
CVE-2025-0087: In onCreate of UninstallerActivity
osv·2025-05-01
CVE-2025-0087 CVE-2025-0087: In onCreate of UninstallerActivity
In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-09-04
Published