Zum Inhalt springen

Mobile phone and tablet security updates

CVE Vulnerability description Vulnerability affects
CVE-2026-0050 In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Successful exploitation of this vulnerability could lead to a breach of confidentiality.
CVE-2026-0024 In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Successful exploitation of this vulnerability could lead to a breach of confidentiality.
CVE-2026-0020 In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Successful exploitation of this vulnerability could lead to a breach of confidentiality.
CVE-2025-48618 In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Successful exploitation of this vulnerability could lead to a breach of confidentiality.
CVE-2025-48614 In rebootWipeUserData of RecoverySystem.java, there is a possible way to factory reset the device while in DSU mode due to a missing permission check. This could lead to physical denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Successful exploitation of this vulnerability could lead to a breach of confidentiality.
CVE-2025-32348 In multiple locations, there is a possible background activity launch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Successful exploitation of this vulnerability could lead to a breach of confidentiality.
CVE-2025-48533 In multiple locations, there is a possible way to use apps linked from a context menu of a lockscreen app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Successful exploitation of this vulnerability could lead to a breach of confidentiality.
```

Warenkorb ( 0 )

10 % Rabatt auf Ihre erste Bestellung. Code: NEW

Sie sind [Betrag] von 15 % Rabatt entfernt!

Ihr Warenkorb ist derzeit leer!

Das könnte Ihnen auch gefallen...
Fügen Sie Ihrer Bestellung eine Notiz hinzu.
Geschenkverpackung hinzufügen
[Pre-Sale]DOOGEE Anywise W1 AI Waterproof Sport Smartwatch doogee.com

Verpacken Sie die Artikel im Warenkorb als Geschenke für nur [Preis].

Wunschliste (0)

Länder