COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2025-48595

CVE-2025-48595

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-06-02
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-48595
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wildprivilege-escalation

Android Framework integer overflow vulnerability enables local privilege escalation and code execution.

This integer overflow flaw in the Android Framework allows attackers to execute arbitrary code and escalate privileges locally, posing a severe risk to DIB organizations relying on Android-based endpoints. The vulnerability is actively exploited in the wild, necessitating immediate patching to prevent unauthorized access and data exfiltration.

Shame score — Active exploitation in the wild with local privilege escalation potential creates significant security exposure for DIB vendors using Android frameworks.

Players implicated

android · vendorFramework · product

Description

Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.