In processLaunchBrowser of CommandParamsFactory.java,...
Moderate severity
Unreviewed
Published
Dec 8, 2025
to the GitHub Advisory Database
•
Updated Dec 8, 2025
Description
Published by the National Vulnerability Database
Dec 8, 2025
Published to the GitHub Advisory Database
Dec 8, 2025
Last updated
Dec 8, 2025
In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References