CVE-2025-20975

Name of the Vulnerable Software and Affected Versions AODService versions prior to 8.8.28.12

Description The issue concerns the improper export of Android application components in AODService, allowing local attackers to launch arbitrary activity with systemui privilege. This enables attackers to potentially exploit the system.

Recommendations For versions prior to 8.8.28.12, update to version 8.8.28.12 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive activities to minimize the risk of exploitation.