**Name of the Vulnerable Software and Affected Versions:**

Android versions (affected versions not specified)

**Description:**

A critical vulnerability exists in Android that allows for remote code execution without requiring any user interaction. The issue stems from flaws in access control, potentially leading to out-of-bounds access due to incorrect bounds checking. This flaw is present in the core System component and is suspected to be exploited by state-sponsored actors for surveillance purposes. The vulnerability (CVE-2025-48530) affects devices utilizing the Qualcomm Adreno GPU driver, while devices using ARM Mali or other GPUs are not affected. Older devices, such as the Pixel 3a, Samsung S10, and OnePlus 7, may remain exposed even after updates. Approximately an unspecified number of devices worldwide are potentially affected.

**Recommendations:**

Update to security patch level 2025-08-05 immediately.