VDB
CISA-2025-48591
CISA-2025-48591
PUBLISHED
CVSS 5.5 MEDIUM
Reported by google_android · Published December 8, 2025
In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | 15, 14, 13 | |
| Android | 15, 14, 13 |
Timeline
- Dec 8, 2025 CVE Published
- Dec 17, 2025 CVE Updated