{"id":"ASB-A-404256832","details":"In maybeShowDialog of ControlsSettingsDialogManager.kt, there is a possible overlay of the ControlsSettingsDialog due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-404256832","CVE-2025-32350"],"modified":"2026-04-17T15:55:28.020024Z","published":"2025-09-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2025-09-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/d6b86833ee06789e557015d75d961d39407ab937"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"16-next:0"},{"fixed":"16-next:2025-09-01"}]}],"versions":["16-next"],"ecosystem_specific":{"spl":"2025-09-01","severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/b1911637c25e653b1acb5bb13bfd38f662c62825"],"types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-404256832.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"15:0"},{"fixed":"15:2025-09-01"}]}],"versions":["15"],"ecosystem_specific":{"spl":"2025-09-01","severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/0042369de2a626f462b3d0dff8db2294aa24ffec"],"types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-404256832.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"16:0"},{"fixed":"16:2025-09-01"}]}],"versions":["16"],"ecosystem_specific":{"spl":"2025-09-01","severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/2903f50717163c4368ef3379be53c55f9e9e3966"],"types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-404256832.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2025-09-01"}]}],"versions":["14"],"ecosystem_specific":{"spl":"2025-09-01","severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/7f833f2e6a6e124c3c0346168b22f58ce27621c1"],"types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-404256832.json"}}],"schema_version":"1.7.5"}