diff --git a/tracking_denials/euiccpixel_app.te b/tracking_denials/euiccpixel_app.te
index dfea0f39..ca13b535 100644
--- a/tracking_denials/euiccpixel_app.te
+++ b/tracking_denials/euiccpixel_app.te
@@ -63,6 +63,8 @@ dontaudit euiccpixel_app tombstoned:unix_stream_socket { connectto };
 dontaudit euiccpixel_app tombstoned_java_trace_socket:sock_file { write };
 # b/262451641
 dontaudit euiccpixel_app permission_checker_service:service_manager { find };
+# b/265286368
+dontaudit euiccpixel_app default_android_service:service_manager { find };
 # b/264489745
 userdebug_or_eng(`
   permissive euiccpixel_app;
diff --git a/vendor/euiccpixel_app.te b/vendor/euiccpixel_app.te
index 1ca85843..2ab3309d 100644
--- a/vendor/euiccpixel_app.te
+++ b/vendor/euiccpixel_app.te
@@ -1,4 +1,18 @@
-# EuiccSupportPixel app
-
 type euiccpixel_app, domain;
+app_domain(euiccpixel_app)
 
+allow euiccpixel_app app_api_service:service_manager find;
+allow euiccpixel_app radio_service:service_manager find;
+allow euiccpixel_app nfc_service:service_manager find;
+
+set_prop(euiccpixel_app, vendor_secure_element_prop)
+set_prop(euiccpixel_app, vendor_modem_prop)
+get_prop(euiccpixel_app, dck_prop)
+
+userdebug_or_eng(`
+    net_domain(euiccpixel_app)
+
+    # Access to directly upgrade firmware on st54spi_device used for engineering devices
+    typeattribute st54spi_device mlstrustedobject;
+    allow euiccpixel_app st54spi_device:chr_file rw_file_perms;
+')
\ No newline at end of file