CVE-2025-26440

In multiple functions of CameraService.cpp, there is a possible way to use the camera from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
google_androidCNA
---
---
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
googleandroid
14.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://android.googlesource.com/platform/frameworks/av/+/b9a047c94deb06ab7ff956e4fb50b19ddd70cf9a
https://android.googlesource.com/platform/frameworks/base/+/b90d4d01e1bfaacae0e1f144075f72b1fb036799
https://source.android.com/security/bulletin/2025-05-01