Provisioning Bypass Vulnerability in Android Devices by Google
CVE-2025-48643

Currently unrated

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 17 June 2026

What is CVE-2025-48643?

This vulnerability arises from improper input validation across multiple locations, enabling a provisioning bypass. Consequently, this flaw may facilitate local escalation of privilege, allowing potential attackers to gain elevated access without requiring additional execution privileges or user interaction. It is crucial for users and organizations to be aware of this vulnerability in order to implement necessary security measures.

Affected Version(s)

Android 17

References

https://source.android.com/docs/security/bulletin/android-17

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
May 22, 2025

CVE-2025-48643 Data

JSON