How severe is CVE-2025-22416?

CVE-2025-22416 has a CVSS v3 score of 7.8 (HIGH).

CVE-2025-22416

Name: android
Author: google

7.8HIGH

In onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. This could lead to local escalation of privilege with no additional execution privil

Veröffentlicht: 9/2/2025Aktualisiert: 9/4/2025

Beschreibung

In onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

KI-AnalyseKI-gestützt

Betroffene Produkte

googleandroid

13.0

googleandroid

14.0

googleandroid

15.0

Referenzen

https://android.googlesource.com/platform/frameworks/base/+/82aa8527b7da3dbbc2f19c869b4ded106e140452
Product
https://source.android.com/security/bulletin/2025-04-01
Vendor Advisory