CVE-2025-22437
published 2025-09-02CVE-2025-22437: In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | frameworks_base | >= 13:0 < 13:2025-04-01 | 13:2025-04-01 |
| platform | frameworks_base | >= 15-next:0 < 15-next:2025-04-01 | 15-next:2025-04-01 |
Android
CVE-2025-22437: Android Security Bulletin 2025-04-01
CVE: CVE-2025-22437
Severity: HIGH
Type: EoP
Affected AOSP versions: 13
References: A-317203980
vendor_android·2025-04-01·CVSS 7.8
CVE-2025-22437 [HIGH] CVE-2025-22437: Android Security Bulletin 2025-04-01
CVE: CVE-2025-22437
Severity: HIGH
Type: EoP
Affected AOSP versions: 13
References: A-317203980
Android Security Bulletin 2025-04-01
CVE: CVE-2025-22437
Severity: HIGH
Type: EoP
Affected AOSP versions: 13
References: A-317203980
GHSA
GHSA-r2gm-x94c-9wpm: In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code
ghsa_unreviewed·2025-09-03
CVE-2025-22437 GHSA-r2gm-x94c-9wpm: In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code
In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
OSV
CVE-2025-22437: In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code
osv·2025-04-01
CVE-2025-22437 CVE-2025-22437: In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code
In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-09-02
Published