Tapjacking Vulnerability in Android Telephony Services
CVE-2025-22419
Currently unrated
What is CVE-2025-22419?
A vulnerability exists in Android Telephony Services, where an attacker may exploit tapjacking techniques to mislead users into enabling malicious phone call forwarding. This attack requires user interaction, allowing local privilege escalation under specific conditions. By overlaying deceptive content, attackers can manipulate users into granting unintended permissions, compromising the integrity of user communications.
Affected Version(s)
Android 15
Android 14
Android 13