CVE-2025-48534
published 2025-09-04CVE-2025-48534: In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | packages_modules_cellbroadcastservice | >= 13:0 < 13:2025-09-01 | 13:2025-09-01 |
| platform | packages_modules_cellbroadcastservice | >= 14:0 < 14:2025-09-01 | 14:2025-09-01 |
| platform | packages_modules_cellbroadcastservice | >= 15:0 < 15:2025-09-01 | 15:2025-09-01 |
| platform | packages_modules_cellbroadcastservice | >= 16-next:0 < 16-next:2025-09-01 | 16-next:2025-09-01 |
Android
CVE-2025-48534: Android Security Bulletin 2025-09-01
CVE: CVE-2025-48534
Severity: HIGH
Type: DoS
Affected AOSP versions: 13, 14, 15
References: A-381419370
vendor_android·2025-09-01·CVSS 8.8
CVE-2025-48534 [HIGH] CVE-2025-48534: Android Security Bulletin 2025-09-01
CVE: CVE-2025-48534
Severity: HIGH
Type: DoS
Affected AOSP versions: 13, 14, 15
References: A-381419370
Android Security Bulletin 2025-09-01
CVE: CVE-2025-48534
Severity: HIGH
Type: DoS
Affected AOSP versions: 13, 14, 15
References: A-381419370
GHSA
GHSA-cwjh-mg4x-hhp7: In getDefaultCBRPackageName of CellBroadcastHandler
ghsa_unreviewed·2025-09-04
CVE-2025-48534 [HIGH] CWE-693 GHSA-cwjh-mg4x-hhp7: In getDefaultCBRPackageName of CellBroadcastHandler
In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.
OSV
CVE-2025-48534: In getDefaultCBRPackageName of CellBroadcastHandler
osv·2025-09-01
CVE-2025-48534 CVE-2025-48534: In getDefaultCBRPackageName of CellBroadcastHandler
In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-09-04
Published