CVE-2025-48535
published 2025-09-04CVE-2025-48535: In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java , there is a possible way to exploit a parcel mismatch resulting in a launch anywhere vulnerability due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | packages_apps_settings | >= 13:0 < 13:2025-09-01 | 13:2025-09-01 |
| platform | packages_apps_settings | >= 14:0 < 14:2025-09-01 | 14:2025-09-01 |
| platform | packages_apps_settings | >= 15:0 < 15:2025-09-01 | 15:2025-09-01 |
| platform | packages_apps_settings | >= 16-next:0 < 16-next:2025-09-01 | 16-next:2025-09-01 |
| platform | packages_apps_settings | >= 16:0 < 16:2025-09-01 | 16:2025-09-01 |