CVE-2025-48558
published 2025-09-04CVE-2025-48558: In multiple functions of BatteryService.java, there is a possible way to hijack implicit intent intended for system app due to Implicit intent hijacking. This…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In multiple functions of BatteryService.java, there is a possible way to hijack implicit intent intended for system app due to Implicit intent hijacking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | frameworks_base | >= 13:0 < 13:2025-09-01 | 13:2025-09-01 |
| platform | frameworks_base | >= 14:0 < 14:2025-09-01 | 14:2025-09-01 |
| platform | frameworks_base | >= 15:0 < 15:2025-09-01 | 15:2025-09-01 |
| platform | frameworks_base | >= 16-next:0 < 16-next:2025-09-01 | 16-next:2025-09-01 |
| platform | frameworks_base | >= 16:0 < 16:2025-09-01 | 16:2025-09-01 |
GHSA
GHSA-gjfx-5gf8-mc42: In multiple functions of BatteryService
ghsa_unreviewed·2025-09-04
CVE-2025-48558 [HIGH] CWE-927 GHSA-gjfx-5gf8-mc42: In multiple functions of BatteryService
In multiple functions of BatteryService.java, there is a possible way to hijack implicit intent intended for system app due to Implicit intent hijacking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
OSV
CVE-2025-48558: In multiple functions of BatteryService
osv·2025-09-01
CVE-2025-48558 CVE-2025-48558: In multiple functions of BatteryService
In multiple functions of BatteryService.java, there is a possible way to hijack implicit intent intended for system app due to Implicit intent hijacking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Android
CVE-2025-48558: Android Security Bulletin 2025-09-01
CVE: CVE-2025-48558
Severity: HIGH
Type: EoP
Affected AOSP versions: 13, 14, 15, 16
References: A-380885270
vendor_android·2025-09-01·CVSS 7.8
CVE-2025-48558 [HIGH] CVE-2025-48558: Android Security Bulletin 2025-09-01
CVE: CVE-2025-48558
Severity: HIGH
Type: EoP
Affected AOSP versions: 13, 14, 15, 16
References: A-380885270
Android Security Bulletin 2025-09-01
CVE: CVE-2025-48558
Severity: HIGH
Type: EoP
Affected AOSP versions: 13, 14, 15, 16
References: A-380885270
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-09-04
Published