CVE-2025-48586

Name of the Vulnerable Software and Affected Versions versions prior to 2025-48586

Description A flaw exists in the handling of onActivityResult within EditFdnContactScreen.java that may allow for the leakage of contacts from the work profile. This issue is due to a confused deputy condition and could result in local privilege escalation without requiring additional execution privileges or user interaction. The vulnerability resides in the processing of results from an activity, potentially allowing unauthorized access to contact information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.