CVE-2025-32321: 
NixOS vulnerability analysis and mitigation

CVE-2025-32321 is a local privilege escalation vulnerability discovered in the Android operating system, specifically affecting Android versions 13 through 16. The vulnerability was disclosed on September 4, 2025, as part of Google's Android Security Bulletin for September 2025 (Android Bulletin, CIS Advisory).

The vulnerability exists in the AccountTypePreferenceLoader.java component of Android's Settings application, specifically in the isSafeIntent function. It allows for a possible bypass of intent type checks due to a confused deputy issue. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 HIGH, with attack vector being Local (AV:L), low attack complexity (AC:L), requiring low privileges (PR:L), and no user interaction (UI:N) (AttackerKB).

Successful exploitation of this vulnerability could allow an attacker with low privileges to escalate their privileges on the affected Android system. This could potentially enable the attacker to install programs, view or modify data, and create new accounts with full user rights (CIS Advisory).

Google has released a patch for this vulnerability in the September 2025 security update. The fix involves explicitly adding ComponentName to ensure arbitrary intents aren't launched from Settings (Android Source). Users and administrators are strongly advised to apply the September 2025 security update to affected Android devices (CIS Advisory).