CVE-2025-48563
HIGHDescription
In onNullBinding of RemoteFillService.java, there is a possible background activity launch due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Is your site exposed to CVE-2025-48563?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| android | |
| android | |
| android | |
| android |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-48563? +
How severe is CVE-2025-48563? +
What products are affected by CVE-2025-48563? +
How do I check if I'm vulnerable to CVE-2025-48563? +
Related Vulnerabilities
Allstar is a GitHub App to set and enforce security policies. In versions prior to 4.5, a vulnerability in Allstar’s …
Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT …
Donetick an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) …
Skype for Consumer Remote Code Execution Vulnerability
Windows Remote Desktop Services Remote Code Execution Vulnerability
In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. …