CVE-2025-48543 | Attaxion

CISA Known Exploited Vulnerability (KEV)

Name

Android Runtime Use-After-Free Vulnerability

Exploit added

September 4, 2025

Action due

September 25, 2025

Action required

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

In multiple locations, there is a possible way to escape chrome sandbox to attack android system_server due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Weakness Enumeration

CWE-ID	CWE Name
CWE-416	Use After Free

Known Affected Software Configurations

cpe:2.3:o:google:android:15.0:::::::*
cpe:2.3:o:google:android:14.0:::::::*
cpe:2.3:o:google:android:13.0:-::::::
cpe:2.3:o:google:android:13.0:::::::*

Details

Source:
NVD

Published:
September 4, 2025

Updated:
September 5, 2025

Risk information

CVSS v3

Base score:
8.8

Severity:

HIGH

Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS v2

Not defined