CVE-2025-48597 in Androidinformação

Sumário

de MITRE • 08/12/2025

In multiple locations, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

Google Android

Reservar

22/05/2025

Divulgação

08/12/2025

Moderação

aceite

Entrada

VDB-334841

CPE

pronto

CWE

CWE-1021 (confirmado)

CVSS

7.8 (NVD)

EPSS

0.00006

KEV

não

Atividades

muito baixo

Sector

Homeoffice, Insurance, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-48597
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-48597
CVE Details	https://www.cvedetails.com/cve/CVE-2025-48597/

◂ Voltar Visão Geral Próximo ▸

Do you need the next level of professionalism?

Upgrade your account now!