CVE-2025-48597 in Androidinfo

Zusammenfassung

von MITRE • 08.12.2025

In multiple locations, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Google Android

Reservieren

22.05.2025

Veröffentlichung

08.12.2025

Moderieren

akzeptiert

Eintrag

VDB-334841

CPE

bereit

CWE

CWE-1021 (bestätigt)

CVSS

7.8 (NVD)

EPSS

0.00006

KEV

nein

Aktivitäten

very low

Sektor

Police, Finance, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-48597
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-48597
CVE Details	https://www.cvedetails.com/cve/CVE-2025-48597/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!