CVE-2025-48620

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of Android operating systems due to insufficient input validation. This issue may allow an attacker to escalate privileges. Specifically, a logic error in the onSomePackagesChanged function within VoiceInteractionManagerService.java could allow a third-party application’s component name to persist even after the application is uninstalled. Exploitation of this does not require additional execution privileges or user interaction and can lead to local privilege escalation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.