ASB-A-409318132
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-409318132.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-409318132
- Aliases
-
- A-409318132
- CVE-2025-32345
- Published
- 2025-09-01T00:00:00Z
- Modified
- 2025-10-20T15:45:00.998987Z
- Summary
- [none]
- Details
-
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ef801e1a8ec3a18ce9e0221fc7e1dfe495d0be8a",
"target": {
"file": "src/com/android/settings/security/ContentProtectionTogglePreferenceController.java"
},
"signature_type": "Line",
"deprecated": false,
"id": "ASB-A-409318132-1a6c98fe",
"digest": {
"line_hashes": [
"38824363838564154734039279078854965383",
"37149770691856232147861424305688885915",
"247161014242972862965064184898659756474",
"317332585893001975143497678591949088166"
],
"threshold": 0.9
},
"signature_version": "v1"
},
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ef801e1a8ec3a18ce9e0221fc7e1dfe495d0be8a",
"target": {
"function": "updateState",
"file": "src/com/android/settings/security/ContentProtectionTogglePreferenceController.java"
},
"signature_type": "Function",
"deprecated": false,
"id": "ASB-A-409318132-ecbe9302",
"digest": {
"function_hash": "213099471480070302545242104245220750403",
"length": 558.0
},
"signature_version": "v1"
}
],
"spl": "2025-09-01",
"severity": "High",
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/ef801e1a8ec3a18ce9e0221fc7e1dfe495d0be8a"
]
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/077aae694d85f7e1f2919977b15c19c7f21b1da2",
"target": {
"file": "src/com/android/settings/security/ContentProtectionTogglePreferenceController.java"
},
"signature_type": "Line",
"deprecated": false,
"id": "ASB-A-409318132-827521d3",
"digest": {
"line_hashes": [
"38824363838564154734039279078854965383",
"37149770691856232147861424305688885915",
"247161014242972862965064184898659756474",
"317332585893001975143497678591949088166"
],
"threshold": 0.9
},
"signature_version": "v1"
},
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/077aae694d85f7e1f2919977b15c19c7f21b1da2",
"target": {
"function": "updateState",
"file": "src/com/android/settings/security/ContentProtectionTogglePreferenceController.java"
},
"signature_type": "Function",
"deprecated": false,
"id": "ASB-A-409318132-ec9daf83",
"digest": {
"function_hash": "213099471480070302545242104245220750403",
"length": 558.0
},
"signature_version": "v1"
}
],
"spl": "2025-09-01",
"severity": "High",
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/077aae694d85f7e1f2919977b15c19c7f21b1da2"
]
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/094c9df207d9bb430427dadc2e327b4834b57b01",
"target": {
"function": "updateState",
"file": "src/com/android/settings/security/ContentProtectionTogglePreferenceController.java"
},
"signature_type": "Function",
"deprecated": false,
"id": "ASB-A-409318132-4274b9ec",
"digest": {
"function_hash": "213099471480070302545242104245220750403",
"length": 558.0
},
"signature_version": "v1"
},
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/094c9df207d9bb430427dadc2e327b4834b57b01",
"target": {
"file": "src/com/android/settings/security/ContentProtectionTogglePreferenceController.java"
},
"signature_type": "Line",
"deprecated": false,
"id": "ASB-A-409318132-68b2aec9",
"digest": {
"line_hashes": [
"38824363838564154734039279078854965383",
"37149770691856232147861424305688885915",
"247161014242972862965064184898659756474",
"317332585893001975143497678591949088166"
],
"threshold": 0.9
},
"signature_version": "v1"
}
],
"spl": "2025-09-01",
"severity": "High",
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/094c9df207d9bb430427dadc2e327b4834b57b01"
]
}