VYPR

CarDevicePolicyService

by Google

CVEs (1)

  • CVE-2025-26418HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    In setUserDisclaimerAcknowledged of CarDevicePolicyService.java, there is a possible way to bypass the user dialog when adding an account to a managed device due to a missing permission check. This could lead to local escalation of privilege with no additional execution…