CVE-2025-48595 | In multiple locations, there is a possible way to achieve co… | CVSS 8.4 HIGH

Description

In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Metadata

CVE ID: CVE-2025-48595
State: PUBLISHED
Assigner: google_android
Reserved: 2025-05-22 18:12 UTC
Published: 2026-06-01 21:14 UTC
Last updated: 2026-06-03 03:55 UTC
Primary CWE: CWE-190
CWE-190 Integer Overflow or Wraparound
Vendor / Product: Google / Android
Sources: cve.org · NVD

Severity & Metrics

8.4 HIGH CVSS 3.1

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: ACTIVE
Automatable: no
Tech. Impact: total

CISA Known Exploited Vulnerability

Vulnerability name: Android Framework Integer Overflow Vulnerability
Vendor: Android
Product: Framework
Added to KEV: 2026-06-02
Due date: 2026-06-05
Ransomware: Not known

Required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA description

Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation.

Affected products (1)

Vendor	Product	Platform	Versions
Google	Android	—	16-qpr2, 16, 15, 14

Weakness (CWE)

CWE	Source	Description
—	cna	Elevation of privilege
CWE-190	adp	CWE-190 Integer Overflow or Wraparound

CVSS scores (1)

Score	Severity	Version	Source	Vector
8.4	HIGH	3.1	adp	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (1)

https://source.android.com/docs/security/bulletin/2026/2026-06-01