CVE-2025-48629

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description A flaw exists in the VoiceInteractionManagerService.java component, specifically within the findAvailRecognizer function. This issue stems from an insecure default value, potentially allowing an attacker to become the default speech recognizer application. Successful exploitation could lead to local privilege escalation without requiring additional execution privileges or user interaction. The vulnerability is related to insufficient input validation within the Android Framework component.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.