Bypass of User Consent in Android DownloadProvider by Google
CVE-2025-26417
Currently unrated
What is CVE-2025-26417?
In the Android DownloadProvider, the checkWhetherCallingAppHasAccess method contains a vulnerability that allows user consent to be bypassed when accessing files stored in shared storage. The flaw is a confused deputy problem and enables local information disclosure with no additional execution privileges and no user interaction needed. This could expose sensitive information to malicious actors.
Affected Version(s)
Android 15
Android 14
Android 13