Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Local app context required (AV:L, PR:L), no user interaction (UI:N), provisioning bypass yields full system-level control so C/I/A all High; scope unchanged within Android security model.
Primary rating from Vendor (google_android).
CVSS VectorVendor: google_android
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AnalysisAI
Local privilege escalation in Google Android 17 stems from improper input validation across multiple code paths that allows a low-privileged app or local user to bypass provisioning controls and gain elevated privileges without user interaction. No public exploit identified at time of analysis, and the EPSS score of 0.13% (3rd percentile) reflects no observed exploitation activity, though the CVSS 7.8 reflects the high impact once preconditions are met.
Technical ContextAI
The flaw is rooted in CWE-20 (Improper Input Validation) within Android's provisioning subsystem, which governs device setup, work-profile/device-owner enrollment, and related configuration flows. Because the issue is described as occurring 'in multiple locations,' the underlying weakness is likely a shared input-validation routine or pattern reused across provisioning entry points rather than a single isolated bug. The affected CPE (cpe:2.3:a:google:android:*) and EUVD scope to Android 17 indicate the regression or weakness is tied to functionality introduced or modified in that platform release, fixed via the monthly Android Security Bulletin.
RemediationAI
Patch available per vendor advisory: apply the Android 17 Security Patch Level published in the Android Security Bulletin at https://source.android.com/docs/security/bulletin/android-17, and on managed fleets enforce the corresponding SPL via MDM compliance policy. Because vendor firmware delivery varies by OEM, confirm device-specific patched builds with the manufacturer (Pixel, Samsung, etc.) and block enrollment of devices below the fixed SPL. As a compensating control until devices receive the patch, restrict installation of untrusted apps (Play Protect enforcement, disabling sideloading via MDM), and on enterprise deployments tighten work-profile provisioning policies - accepting the trade-off that stricter app-install policies reduce user flexibility and may break legitimate sideload workflows. See also https://vuldb.com/vuln/371848 for the third-party advisory tracker entry.
Same weakness CWE-20 – Improper Input Validation
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210216