CVE-2025-48614

Name of the Vulnerable Software and Affected Versions RecoverySystem.java (affected versions not specified)

Description A flaw exists in the rebootWipeUserData function within the RecoverySystem.java component. This issue allows for a factory reset of the device while in DSU mode because of a missing permission check. Exploitation does not require additional execution privileges or user interaction, potentially leading to a physical denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.