Cyber Resilience

CVE-2025-48530

High

Published: 04 September 2025

Published
04 September 2025
Modified
05 September 2025
KEV Added
Patch
CVSS Score v3.1 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0024 47.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-48530 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Google Android. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 47.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-48530 is a vulnerability involving out-of-bounds (OOB) accesses due to an incorrect bounds check in multiple locations within Android components. Published on 2025-09-04, it is classified under CWE-125 and carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

A remote attacker requires no privileges or user interaction to exploit this over the network, though high attack complexity is needed. When combined with other bugs, it could result in remote code execution.

The Android security bulletin dated 2025-08-01 at https://source.android.com/security/bulletin/2025-08-01 provides details on affected versions and available patches for mitigation.

EU & UK References

Vulnerability details

In multiple locations, there is a possible condition that results in OOB accesses due to an incorrect bounds check. This could lead to remote code execution in combination with other bugs, with no additional execution privileges needed. User interaction is…

more

not needed for exploitation.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

OOB memory corruption in Android network-exposed components directly enables remote exploitation for code execution (RCE) over the network with no auth/UI required.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-53834Same product: Google Android
CVE-2025-36937Same product: Google Android
CVE-2026-0116Same product: Google Android
CVE-2026-0120Same product: Google Android
CVE-2026-0006Same product: Google Android
CVE-2026-0076Same product: Google Android
CVE-2026-0114Same product: Google Android
CVE-2026-0113Same product: Google Android
CVE-2025-22408Same product: Google Android
CVE-2025-48626Same product: Google Android

Affected Assets

google
android
16.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the vulnerability by identifying, reporting, and applying vendor patches that correct the incorrect bounds checks causing OOB accesses.

prevent

Implements memory protection safeguards such as non-executable memory and ASLR to prevent remote code execution from OOB accesses even if the bounds check flaw exists.

prevent

Enforces validation of information inputs including bounds checks to address the root cause of incorrect bounds handling in Android components.

References