How severe is CVE-2025-48598?

CVE-2025-48598 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2025-48598

Name: android
Author: google

6.6MEDIUM

In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional executi

Veröffentlicht: 12/8/2025Aktualisiert: 12/8/2025

Beschreibung

In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

KI-AnalyseKI-gestützt

Betroffene Produkte

googleandroid

16.0

Referenzen

https://android.googlesource.com/platform/packages/apps/Settings/+/83447688f8e3e8f009f1e7d275a14ea00ee7953a
PatchProduct
https://source.android.com/security/bulletin/2025-12-01
Vendor Advisory