Description
In multiple functions of PipTaskOrganizer.java, there is a possible way to launch an activity from the background due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2026-06-01
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a confused-deputy scenario in the PipTaskOrganizer component of Android that allows an application to launch an activity from the background without user interaction. A local attacker can use this to gain higher privileges on the device. It is classified as an improper access control flaw (CWE-284) and a confused-deputy flaw (CWE-441), and can be exploited without additional privileges.

Affected Systems

The defect is present in Google Android systems that include the PipTaskOrganizer module; specific version details are not disclosed. All affected Android installations that contain this component are susceptible until patched.

Risk and Exploitability

This vulnerability has a CVSS score of 7.8, indicating high severity. Exploitation is feasible locally on the device and requires no user interaction, making it a high-risk privilege escalation. The EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, but because it needs neither remote access nor an exploit payload, its potential impact is higher for an adversary with physical or local access.

Generated by OpenCVE AI on June 2, 2026 at 18:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Android security patch that addresses the PipTaskOrganizer activity launch bug
  • Disable background activity launching for apps via device settings or developer options, if the option is available
  • Monitor device activity logs for unexpected background launches and investigate any anomalies

Advisories

No advisories yet.

History

Tue, 02 Jun 2026 17:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Title | | Background Activity Launch Allows Local Privilege Escalation in Android |
| Weaknesses | | CWE-284 |

Tue, 02 Jun 2026 14:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | | CWE-441 |
| Metrics | | cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}; ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Mon, 01 Jun 2026 22:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Title | | Background Activity Launch Allows Local Privilege Escalation in Android |
| First Time appeared | | Google; Google android |
| Weaknesses | | CWE-284 |
| Vendors & Products | | Google; Google android |

Mon, 01 Jun 2026 21:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | In multiple functions of PipTaskOrganizer.java, there is a possible way to launch an activity from the background due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| References | | |

MITRE

Status: PUBLISHED

Assigner: google_android

Published:

Updated: 2026-06-02T13:29:20.931Z

Reserved: 2025-05-22T18:11:40.405Z

Link: CVE-2025-48570

Vulnrichment

Updated: 2026-06-02T13:29:11.799Z

NVD

Status: Undergoing Analysis

Published: 2026-06-01T22:16:17.827

Modified: 2026-06-02T14:16:33.877

Link: CVE-2025-48570

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-02T17:00:16Z

Weaknesses