Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.3
Android WindowManagerService: Local Privilege Escalation Risk
CVE-2025-48634
ASB-A-406243581
Summary
A security flaw in Android's WindowManagerService could allow an attacker on the same device to gain higher-level access without needing to enter a password or interact with the device. This could happen if the attacker has physical access to the device. To protect your device, make sure to keep your Android version up to date with the latest security patches.
What to do
- Update google platform/frameworks/base to version 16-qpr2-next:2026-03-01.
- Update google platform/frameworks/base to version 15:2026-03-01.
- Update google platform/frameworks/base to version 16:2026-03-01.
- Update google platform/frameworks/base to version 14:2026-03-01.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| android | 14.0 | – | |
| android | 15.0 | – | |
| android | 16.0 | – | |
| platform/frameworks/base | > 16-qpr2-next:0 , <= 16-qpr2-next:2026-03-01 | 16-qpr2-next:2026-03-01 | |
| platform/frameworks/base | > 15:0 , <= 15:2026-03-01 | 15:2026-03-01 | |
| platform/frameworks/base | > 16:0 , <= 16:2026-03-01 | 16:2026-03-01 | |
| platform/frameworks/base | > 14:0 , <= 14:2026-03-01 | 14:2026-03-01 |
Original title
In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution p...
Original description
In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd CVSS3.1
7.3
Vulnerability type
CWE-862
Missing Authorization
Published: 1 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026