CVE-2025-26436

In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an application to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

PT-2024-14707 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue concerns a vulnerability in the ActivityManagerService AMS module related to starting activities in the background. Successful exploitation of this vulnerability will affect...

CVE-2022-20281

In Core, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

PT-2022-14468 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. This could lead to local escalation of privilege...