Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-0077
PUBLISHED
More InfoOfficial Page
Assigner-google_android
Assigner Org ID-baff130e-b8d5-4e15-b3d3-c3cf5d5545c6
View Known Exploited Vulnerability (KEV) details
Published At-04 Sep, 2025 | 17:11
Updated At-06 Sep, 2025 | 03:55
Rejected At-
▼CVE Numbering Authority (CNA)

In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Products
Vendor
Google LLCGoogle
Product
Android
Default Status
unaffected
Versions
Affected
  • 15
Problem Types
TypeCWE IDDescription
N/AN/AElevation of privilege
Type: N/A
CWE ID: N/A
Description: Elevation of privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://android.googlesource.com/platform/frameworks/base/+/a09b6451c99f8aa99c49a0e584e12be455c414f4
N/A
https://android.googlesource.com/platform/frameworks/base/+/37a4df78c7e1b91066b341b05fb767f27c5da835
N/A
https://android.googlesource.com/platform/frameworks/base/+/3b04c948727c35e6ad429eefc6aaa9c261addf12
N/A
https://android.googlesource.com/platform/frameworks/base/+/5f59ac63cb7042d58dae196e890ec52424ebe8b5
N/A
https://android.googlesource.com/platform/frameworks/base/+/8c290a4d87c27a4ad65757e97ff9e634d9fe865e
N/A
https://android.googlesource.com/platform/frameworks/base/+/c059123b8e9c0920a30f896513116a8b88bfc4e1
N/A
https://source.android.com/security/bulletin/2025-05-01
N/A
Hyperlink: https://android.googlesource.com/platform/frameworks/base/+/a09b6451c99f8aa99c49a0e584e12be455c414f4
Resource: N/A
Hyperlink: https://android.googlesource.com/platform/frameworks/base/+/37a4df78c7e1b91066b341b05fb767f27c5da835
Resource: N/A
Hyperlink: https://android.googlesource.com/platform/frameworks/base/+/3b04c948727c35e6ad429eefc6aaa9c261addf12
Resource: N/A
Hyperlink: https://android.googlesource.com/platform/frameworks/base/+/5f59ac63cb7042d58dae196e890ec52424ebe8b5
Resource: N/A
Hyperlink: https://android.googlesource.com/platform/frameworks/base/+/8c290a4d87c27a4ad65757e97ff9e634d9fe865e
Resource: N/A
Hyperlink: https://android.googlesource.com/platform/frameworks/base/+/c059123b8e9c0920a30f896513116a8b88bfc4e1
Resource: N/A
Hyperlink: https://source.android.com/security/bulletin/2025-05-01
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-1223CWE-1223 Race Condition for Write-Once Attributes
Type: CWE
CWE ID: CWE-1223
Description: CWE-1223 Race Condition for Write-Once Attributes
Metrics
VersionBase scoreBase severityVector
3.14.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Version: 3.1
Base score: 4.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found