CVE-2025-48618

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of Android operating systems due to insufficient input validation. This could allow an attacker to escalate privileges. Specifically, the issue resides in the processLaunchBrowser function within CommandParamsFactory.java, where improper locking may allow browser interaction from the lockscreen. Exploitation does not require user interaction and could lead to physical escalation of privilege without needing additional execution privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.