Local Privilege Escalation Vulnerability in Android Framework by Google
CVE-2025-48548
7.3HIGH
What is CVE-2025-48548?
A local privilege escalation vulnerability exists in the Android Framework's audio recording functionality. A race condition in the AppOpsControllerImpl.java file allows an attacker to record audio without the appropriate privacy indicators being displayed. This situation requires user interaction for exploitation but could lead to unauthorized access to sensitive audio data if successfully executed.
Affected Version(s)
Android 15
Android 14
Android 13