CVE-2025-0086

Common Vulnerabilities and Exposures

Last Post by Rinki Singh 13 hours ago

1 Posts

1 Users

0 Reactions

9 Views

RSS

Rinki Singh

(@rinki)

Posts: 78

Trusted Member

Topic starter

Description

In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

https://android.googlesource.com/platform/frameworks/base/+/c1aa9e662464b8fa49765d53a82efa8e06bb176a

https://source.android.com/security/bulletin/2025-03-01

https://nvd.nist.gov/vuln/detail/CVE-2025-0086

Posted : 09/02/2026 10:55 pm

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed