CVE-2025-21030

Vulnerability

CVE-2025-21030 is an improper permission handling vulnerability in the AppPrelaunchManagerService component of Samsung's Chinese Android 15 build. The bug lies in insufficient validation of caller permissions before executing a prelaunch request, which can be triggered from a local context.

Exploitation

A local attacker without elevated privileges can exploit this flaw by sending a crafted intent or IPC call to the service. No user interaction or additional authentication beyond local device access is required. The attack surface is limited to devices running Chinese Android 15 prior to the SMR Sep-2025 Release 1 update [1].

Impact

Successful exploitation allows the attacker to silently launch arbitrary applications in the background. This could be used to escalate the attacker's foothold, bypass background execution restrictions, or trigger further malicious actions from the launched app.

Mitigation

The vulnerability is fixed in the Samsung Mobile Security (SMR) Sep-2025 Release 1 update, as detailed in Samsung's security bulletin [1]. Users should apply the update to their Chinese Android 15 devices. No workarounds have been published.