CVE-2025-21016

Medium

4.3/10

Summary

Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs.

Attack Complexity: LOW
Attack Vector: PHYSICAL
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: LOW

References

Advisory Timeline

Published Aug 06, 2025

CVE-2025-21016

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS