CVE-2025-36907 (GCVE-0-2025-36907)
Vulnerability from
Published
2025-09-04 04:59
Modified
2025-09-05 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Elevation of privilege
Summary
In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for exploitation.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-36907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T03:55:36.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for exploitation.\u003c/p\u003e"
}
],
"value": "In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T04:59:31.475Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2025-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2025-36907",
"datePublished": "2025-09-04T04:59:31.475Z",
"dateReserved": "2025-04-16T00:33:24.576Z",
"dateUpdated": "2025-09-05T03:55:36.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-36908 (GCVE-0-2025-36908)
Vulnerability from
Published
2025-09-04 04:59
Modified
2025-09-05 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Elevation of privilege
Summary
In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-36908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T03:55:35.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.\u003c/p\u003e"
}
],
"value": "In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T04:59:49.039Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2025-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2025-36908",
"datePublished": "2025-09-04T04:59:49.039Z",
"dateReserved": "2025-04-16T00:33:24.577Z",
"dateUpdated": "2025-09-05T03:55:35.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-36902 (GCVE-0-2025-36902)
Vulnerability from
Published
2025-09-04 04:57
Modified
2025-09-05 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Elevation of privilege
Summary
In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-36902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T03:55:34.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.\u003c/p\u003e"
}
],
"value": "In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T04:57:39.376Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2025-09-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2025-36902",
"datePublished": "2025-09-04T04:57:39.376Z",
"dateReserved": "2025-04-16T00:33:17.232Z",
"dateUpdated": "2025-09-05T03:55:34.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56190 (GCVE-0-2024-56190)
Vulnerability from
Published
2025-09-04 05:10
Modified
2025-09-05 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Elevation of privilege
Summary
In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-56190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T03:55:33.758Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\u003c/p\u003e"
}
],
"value": "In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T05:10:34.652Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2025-04-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2024-56190",
"datePublished": "2025-09-04T05:10:34.652Z",
"dateReserved": "2024-12-18T17:17:02.549Z",
"dateUpdated": "2025-09-05T03:55:33.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-36887 (GCVE-0-2025-36887)
Vulnerability from
Published
2025-09-04 05:17
Modified
2025-09-05 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Elevation of privilege
Summary
In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-36887",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T03:55:32.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\u003c/p\u003e"
}
],
"value": "In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T05:17:19.856Z",
"orgId": "83238938-5644-45f0-9007-c0392bcf6222",
"shortName": "Google_Devices"
},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2025-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "83238938-5644-45f0-9007-c0392bcf6222",
"assignerShortName": "Google_Devices",
"cveId": "CVE-2025-36887",
"datePublished": "2025-09-04T05:17:19.856Z",
"dateReserved": "2025-04-16T00:33:09.030Z",
"dateUpdated": "2025-09-05T03:55:32.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-26429 (GCVE-0-2025-26429)
Vulnerability from
Published
2025-09-04 17:11
Modified
2025-09-04 20:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of service
Summary
In collectOps of AppOpsService.java, there is a possible way to cause permanent DoS due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-26429",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T19:56:49.099258Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T20:29:27.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In collectOps of AppOpsService.java, there is a possible way to cause permanent DoS due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T17:11:53.241Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/0f3c01c326b6966590c652adec5baa61351756e4"
},
{
"url": "https://source.android.com/security/bulletin/2025-05-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-26429",
"datePublished": "2025-09-04T17:11:53.241Z",
"dateReserved": "2025-02-10T18:16:18.440Z",
"dateUpdated": "2025-09-04T20:29:27.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48529 (GCVE-0-2025-48529)
Vulnerability from
Published
2025-09-04 18:34
Modified
2025-09-04 20:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure
Summary
In setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48529",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T20:27:54.929920Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-441",
"description": "CWE-441 Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T20:27:57.757Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:11.346Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/e5cdca27526f5c2c358880538c7a15d8d5d5dd6d"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48529",
"datePublished": "2025-09-04T18:34:11.346Z",
"dateReserved": "2025-05-22T18:10:57.282Z",
"dateUpdated": "2025-09-04T20:27:57.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48537 (GCVE-0-2025-48537)
Vulnerability from
Published
2025-09-04 18:34
Modified
2025-09-04 20:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure
Summary
In multiple locations, there is a possible way to persistently DoS the device due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48537",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T20:23:09.013865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T20:24:07.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In multiple locations, there is a possible way to persistently DoS the device due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:16.616Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/63aab59ce13856799a7c24a70b35625d32ae5357"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48537",
"datePublished": "2025-09-04T18:34:16.616Z",
"dateReserved": "2025-05-22T18:11:09.314Z",
"dateUpdated": "2025-09-04T20:24:07.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48538 (GCVE-0-2025-48538)
Vulnerability from
Published
2025-09-04 18:34
Modified
2025-09-04 20:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of service
Summary
In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48538",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T20:22:23.407192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T20:22:57.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In setApplicationHiddenSettingAsUser of PackageManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:17.642Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/bd7578b738a09734a2d23656e5569643ad37fffe"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48538",
"datePublished": "2025-09-04T18:34:17.642Z",
"dateReserved": "2025-05-22T18:11:09.314Z",
"dateUpdated": "2025-09-04T20:22:57.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48545 (GCVE-0-2025-48545)
Vulnerability from
Published
2025-09-04 18:34
Modified
2025-09-04 20:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure
Summary
In isSystemUid of AccountManagerService.java, there is a possible way for an app to access privileged APIs due to a confused deputy. This could lead to local privilege escalation with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-48545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T20:20:25.195449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-441",
"description": "CWE-441 Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T20:20:54.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "16"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In isSystemUid of AccountManagerService.java, there is a possible way for an app to access privileged APIs due to a confused deputy. This could lead to local privilege escalation with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T18:34:24.644Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/66ac17909252c80b0edf7f4ae282bce4579410ad"
},
{
"url": "https://source.android.com/security/bulletin/2025-09-01"
}
],
"x_generator": {
"engine": "cvelib 1.7.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2025-48545",
"datePublished": "2025-09-04T18:34:24.644Z",
"dateReserved": "2025-05-22T18:11:18.276Z",
"dateUpdated": "2025-09-04T20:20:54.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
displaying 171 - 180 organizations in total 1832