How severe is CVE-2025-48598?

CVE-2025-48598 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2025-48598

Name: android
Author: google

6.6MEDIUM

In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional executi

Publicado: 12/8/2025Actualizado: 12/8/2025

Descripción

In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Análisis IAImpulsado por IA

Productos Afectados

googleandroid

16.0

Referencias

https://android.googlesource.com/platform/packages/apps/Settings/+/83447688f8e3e8f009f1e7d275a14ea00ee7953a
PatchProduct
https://source.android.com/security/bulletin/2025-12-01
Vendor Advisory