CVE-2025-32333

In startSpaActivityForApp of SpaActivity.kt, there is a possible cross-user permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-32333

CVE-2025-32333 concerns a logic error in the Android SpaActivity implementation (SpaActivity.kt) that can enable a cross-user permission bypass, leading to local privilege escalation with no user interaction and no additional execution privileges required. The Connected documents (PT-2025-36043 a...