CVE-2025-48572: Android Framework Privilege Escalation Vulnerability
Published Dec 1, 2025
·Updated
Android Framework contains an unspecified vulnerability that allows for privilege escalation.
Affected Software
6 affected components
Android Framework
Google Android
Google Android=13.0
Google Android=14.0
Google Android=15.0
Google Android=16.0
Remediation
Information
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Event History
Dec 1, 2025
CVE Published
via Android·12:00 AM
Data Sourced
via Android·12:00 AM
SeverityWeaknessAffected Software
Dec 2, 2025
Known Exploited
via CISA·12:00 AM
Data Sourced
via CISA·12:00 AM
RemedyDescriptionAffected Software
News Published
via BleepingComputer·02:36 PM
News Published
via BleepingComputer·02:38 PM
News Published
via The Register·06:47 PM
News Published
via The Register·06:52 PM
Dec 4, 2025
News Published
via ZDNet·03:00 PM
News Published
via ZDNet·03:35 PM
Dec 8, 2025
CVE Published
via MITRE·04:57 PM
Data Sourced
via MITRE·04:57 PM
DescriptionWeakness
Data Sourced
via NVD·05:16 PM
DescriptionSeverityWeaknessAffected Software
Mar 3, 2026
News Published
via BleepingComputer·08:19 AM
Frequently Asked Questions
1
What is the severity of CVE-2025-48572?
CVE-2025-48572 is classified as a high-severity vulnerability due to its potential for privilege escalation.
2
How do I fix CVE-2025-48572?
To fix CVE-2025-48572, update the Android Framework to the latest patched version provided by your device manufacturer.
3
What systems are affected by CVE-2025-48572?
CVE-2025-48572 affects devices running vulnerable versions of the Android Framework.
4
What are the potential impacts of CVE-2025-48572?
The potential impact of CVE-2025-48572 includes unauthorized access and control over the affected Android device.
5
Is CVE-2025-48572 publicly known?
Yes, CVE-2025-48572 is publicly known and has been addressed in security updates released by Google.