Potential Escalation of Privilege Vulnerability in Android System Server
CVE-2025-48543
Key Information:
Badges
What is CVE-2025-48543?
This vulnerability arises from a possible escape from the Chrome sandbox, which affects the Android system_server due to a use after free condition. It could enable local escalation of privilege without requiring additional execution privileges, and it exploits flaws that can occur in multiple locations within the system. Importantly, user interaction is not necessary for an attacker to exploit this vulnerability, posing significant security risks to affected Android devices.
CISA has reported CVE-2025-48543
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-48543 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Android 16
Android 15
Android 14
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
MalwarebytesReferences
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
- 🦅
CISA Reported
Vulnerability published
- 📰
First article discovered by Malwarebytes
Vulnerability Reserved