CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-48543

In multiple locations, there is a possible way to escape chrome sandbox to attack android system_server due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.3%

CVSS Severity

CVSS v3 Score 8.8

Proposed Action

Android Runtime contains a use-after-free vulnerability potentially allowing a chrome sandbox escape leading to local privilege escalation.

Ransomware Campaign

Unknown

References

https://android.googlesource.com/platform/art/+/444fc40dfb04d2ec5f74c443ed3a4dd45d3131f2
https://source.android.com/security/bulletin/2025-09-01

Products affected by CVE-2025-48543

Google » Android » Version: 13.0

cpe:2.3:o:google:android:13.0
Google » Android » Version: 14.0

cpe:2.3:o:google:android:14.0
Google » Android » Version: 15.0

cpe:2.3:o:google:android:15.0
Google » Android » Version: 16.0

cpe:2.3:o:google:android:16.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-48543

Products

Pricing

Contact Us