⚠️ CISA Known Exploited Vulnerability
Active ThreatThis vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Active exploitation has been observed in the wild. This poses significant risk to federal enterprises and should be prioritized for immediate patching.
CVE-2025-48633
Medium CISA KEVVulnerability Description
In hasAccountsOnAnyUser of DevicePolicyManagerService.java, there is a possible way to add a Device Owner after provisioning due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Known Affected Software
4 configuration(s) from 1 vendor(s)
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
References & Resources
-
https://android.googlesource.com/platform/frameworks/base/+/d00bcda9f42dcf272d329e9bf9298f32af732f93security@android.com Patch Product
-
https://source.android.com/security/bulletin/2025-12-01security@android.com Vendor Advisory
-
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-48633134c704f-9b21-4f2e-91b3-4a467353bcc0 US Government Resource
Severity Details
CISA KEV Status
Listed in CISA's Known Exploited Vulnerabilities catalog
Key Information
- Published Date
- December 08, 2025
