CVE-2025-48537

CVSS 7.1 HIGHEPSS 0.1%CWE-20

In multiple locations, there is a possible way to persistently DoS the device due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Produtos afetados

Google · Android

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://android.googlesource.com/platform/frameworks/base/+/63aab59ce13856799a7c24a70b35625d32ae5357 https://source.android.com/security/bulletin/2025-09-01