CVE-2025-48572

CVSS 7.8 HIGH · EPSS 0.2% · KEV · CWE-306
Vexday Risk Score: 51 (Attention)
SSVC decision (CISA): Act
Exploitation + impact → act immediately
CVSS 7.8 · EPSS 0.2% · KEV: yes · PoC · Nuclei · Metasploit · Patch
Lifecycle
02 Dec 2025: Active exploitation (CISA KEV)
08 Dec 2025: Published on NVD
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

An app can launch activities in the background without proper permission checks, allowing it to escalate its privileges on the device without the user's knowledge or action.

Technical detail

A permissions bypass in activity launching mechanisms allows unprivileged background processes to invoke restricted activities without proper authorization checks. Exploitation requires no additional privileges or user interaction, resulting in local privilege escalation with high impact on system integrity.

Summary generated and translated by AI from the official description.
In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Google · Android