CVE-2025-48628

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the Framework component of Android operating systems related to insufficient protection of sensitive data. Exploitation may allow an attacker to disclose protected information. Specifically, the issue resides in the validateIconUserBoundary function within PrintManagerService.java, potentially leading to a cross-user image leak due to a confused deputy condition. This could result in local privilege escalation without requiring additional execution privileges or user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.