Cross User Data Leak in Android's Voicemail Notification Settings
CVE-2025-48529
5.5MEDIUM
What is CVE-2025-48529?
A vulnerability within the VoicemailNotificationSettingsUtil.java file in Android creates a scenario for cross user data leaks due to a confused deputy problem. This allows for local information disclosure without the need for additional execution privileges or user interaction, potentially exposing sensitive user data.
Affected Version(s)
Android 16
Android 15
Android 14