Vulnerabilities

CVE-2025-48523

by Fred · 04/09/2025

In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

More information : https://android.googlesource.com/platform/packages/apps/Contacts/+/7c8dbcffbc9382fcdb788919106c3b0525db83ab

Similar

Tags: Cybersecurity Alert