In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an application to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Metrics
Affected Vendors & Products
References
History
Fri, 05 Sep 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-863 | |
Metrics |
ssvc
|
Fri, 05 Sep 2025 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:* |
|
Metrics |
cvssV3_1
|
Fri, 05 Sep 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Google
Google android |
|
Vendors & Products |
Google
Google android |
Thu, 04 Sep 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an application to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |
References |
|

Status: PUBLISHED
Assigner: google_android
Published:
Updated: 2025-09-05T21:03:36.093Z
Reserved: 2025-02-10T18:29:32.999Z
Link: CVE-2025-26436

Updated: 2025-09-05T16:13:08.381Z

Status : Modified
Published: 2025-09-04T18:15:42.363
Modified: 2025-09-05T21:15:35.713
Link: CVE-2025-26436

No data.

Updated: 2025-09-05T14:02:02Z