CVE-2025-48573

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of Android operating systems related to insufficient protection of service data. This issue may allow a remote attacker to elevate privileges. The issue involves a potential for launching a foreground service while the application is in the background due to Foreground Service (FGS) while-in-use abuse, specifically within the sendCommand function of MediaSessionRecord.java. User interaction is not required for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.