CVE-2024-42039

Access control vulnerability in the SystemUI module Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2023-26549

The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect confidentiality...

CVE-2023-21167

In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-52715

The SystemUI module has a vulnerability in permission management. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2022-34738

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...

CVE-2022-48520

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality...

CVE-2022-48519

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality...

CVE-2022-48296

The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices...

CVE-2022-36861

Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege...

CVE-2021-25474

Assuming a shell privilege is gained, an improper exception handling for multisimbarshowonqspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...

CVE-2021-39787

In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202506934...

CVE-2021-25473

Assuming a shell privilege is gained, an improper exception handling for multisimbarhidebymeadiafull value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...

CVE-2020-0415

In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

CVE-2020-26604

An issue was discovered in SystemUI on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung ID is SVE-2020-18467 October 2020...

CVE-2025-20975

Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...

CVE-2025-20975

CVE-2025-20975 describes an improper export of Android application components in Samsung’s AODService, affecting versions prior to 8.8.28.12. The root issue is that components are exportable in a way that can allow a local attacker to launch an arbitrary activity with systemui privileges. Affecte...

CVE-2025-20975

Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...

SAMSUNG AODService 安全漏洞

SAMSUNG AODService is a display function program from Samsung South Korea. A security vulnerability exists in SAMSUNG AODService versions prior to 8.8.28.12, which stems from an improperly exported Android application component, and could allow a local attacker to initiate arbitrary activity with...

CVE-2024-20891

Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities...

Huawei EMUI/HarmonyOS Access Control Vulnerability

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei Huawei.Huawei EMUI is a mobile operating system based on Android development.Huawei HarmonyOS is an operating system. Provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI and Huaw...