CVE-2025-48581

HIGH 8.4

CVSS Score

8.4

EPSS Score

0.0%

EPSS Percentile

0th

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor	google
Product	android
Ecosystems	Android Mobile Cloud Chrome
Industries	TechnologyMobile
Published	Sep 4, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for google android

Be the first to know when new high vulnerabilities affecting google android are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Google / Android

References

NVD ↗ CVE.org ↗ EPSS Data ↗

android.googlesource.com: https://android.googlesource.com/platform/build/+/cda08bfbf55aed1e4c79efe6a66bb930d19a8a13 android.googlesource.com: https://android.googlesource.com/platform/system/apex/+/5a33fa4202cb5f06d7f02f3a2b8d13780d7cb3f5 android.googlesource.com: https://android.googlesource.com/platform/system/apex/+/13bbfe3ef2953e9805d57d3219cc122e485ba90f source.android.com: https://source.android.com/security/bulletin/2025-11-01