Impact
The flaw resides in gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c and is a confused-deputy permission logic error (CWE-441). An attacker who can already execute code on the device can cause the function to grant higher privileges than intended, without needing any additional execution rights. This allows a local user or malicious application to obtain system-level access, compromising the confidentiality, integrity, and availability of the device. The vendor notes that user interaction is not required for exploitation, indicating a purely local privilege escalation vector.
Affected Systems
Google Android devices and the Android operating system are affected. No specific version range is listed; the vulnerability applies to any build that includes the unpatched gmc_mba_ddr.c code. All Android users should be aware of it, regardless of device model.
Risk and Exploitability
A CVSS score of 8.4 places this vulnerability in the High severity band. The EPSS score is reported as less than 1%, indicating a low probability of widespread exploitation at this time, and the vulnerability is not included in CISA's KEV catalog. The attack requires local access; no network access or elevated privileges are needed to trigger the bug. An exploit path would involve a local malicious process invoking the vulnerable function, leading to privilege escalation. The combined risk is moderate to high for users with unpatched devices, especially where the device is used to run untrusted applications.
OpenCVE Enrichment