CVE-2025-26461
published 2025-09-05CVE-2025-26461: In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a…
low3.3CVSS 3.1
AVLACLPRLUINSUCLINAN
In Permission Manager, there is a possible way for the microphone privacy indicator to remain activated even after the user attempts to close the app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| mit | krb5 | >= 0 < 1.17-6ubuntu4.9 | 1.17-6ubuntu4.9 |
| mit | krb5 | >= 0 < 1.19.2-2ubuntu0.6 | 1.19.2-2ubuntu0.6 |
| mit | krb5 | >= 0 < 1.20.1-6ubuntu2.5 | 1.20.1-6ubuntu2.5 |
| msrc | azl3_krb5_1.21.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_krb5_1.21.3-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_krb5_1.19.4-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
CVSS provenance
nvdv3.13.3LOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv5.3MEDIUM