CVE-2025-48625 in Androidinfo

Zusammenfassung

von MITRE • 08.12.2025

In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access USB data when the screen is off due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Google Android

Reservieren

22.05.2025

Veröffentlichung

08.12.2025

Moderieren

akzeptiert

Eintrag

VDB-334837

CPE

bereit

CWE

CWE-362 (bestätigt)

CVSS

7.0 (NVD)

EPSS

0.00005

KEV

nein

Aktivitäten

very low

Sektor

Police, Homeoffice, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-48625
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-48625
CVE Details	https://www.cvedetails.com/cve/CVE-2025-48625/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!