
Security implications of remote (Meterpreter) shell to device

0 votes
1 answer
336 views
An attacker who uses an exploit for e.g. [CVE-2012-6636](http://www.cvedetails.com/cve-details.php?t=1&cve_id=2012-6636) can use a [Metasploit exploit](https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/android/browser/webview_addjavascriptinterface.rb) to open a Meterpreter shell in the context of the stock Android browser. But what are the implications of such an attack? As far as I understand, the sandbox prevents the attack from accessing contacts, the microphone, the camera or other apps. He is limited to the data of the browser and the SD card. Even if a device is rooted, there is no way to gain root privileges from within such a shell, or is there? So the only way to escape from the sandbox would be to tamper with the app's memory and make use of another exploit that leads to privilege escalation, right? Therefore the impact of such an attack would be very limited.
Asked by muffel (101 rep)
Mar 11, 2015, 10:32 AM
Last activity: Jun 24, 2018, 04:00 PM