CVE-2025-48611

Name of the Vulnerable Software and Affected Versions Google Pixel (affected versions not specified)

Description The issue involves a potential desynchronization in persistence due to a missing bounds check within the DeviceId component. This could allow for local escalation of privilege without requiring additional execution privileges or user interaction. The affected component is located at the following API endpoint: https://t.co/KGwrw2z7cn. The vulnerability resides in the DeviceId component, specifically related to a missing bounds check.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.