CVE-2025-48594

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of Android operating systems due to insufficient input validation within the DisassociationProcessor.java file, specifically in the onUidImportance function. This issue may allow an attacker to retain companion application privileges after disassociation. Exploitation requires user interaction and could lead to local escalation of privilege without needing additional execution privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.