Cyber Resilience

CVE-2025-48568

High

Published: 02 March 2026

Published
02 March 2026
Modified
06 March 2026
KEV Added
Patch
CVSS Score v3.1 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0000 0.1th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-48568 is a high-severity Race Condition (CWE-362) vulnerability in Google Android. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-11 (Device Lock) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2025-48568 is a race condition vulnerability (CWE-362) present in multiple locations within Android, enabling a possible lockscreen bypass. This flaw could lead to local escalation of privilege without requiring additional execution privileges or user interaction. Published on 2026-03-02, it carries a CVSS v3.1 base score of 7.4 (AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H), indicating high confidentiality, integrity, and availability impacts.

A local attacker with no privileges can exploit this vulnerability due to the race condition, bypassing the lockscreen to achieve escalation of privilege on the device. Exploitation is feasible without user interaction but demands high attack complexity, limiting it to adversaries with local access, such as through physical device possession or prior low-privilege code execution.

The Android security bulletin at https://source.android.com/docs/security/bulletin/2026/2026-03-01 details patches and mitigation recommendations for affected Android versions.

EU & UK References

Vulnerability details

In multiple locations, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Race condition enables local privilege escalation via lockscreen bypass, directly mapping to exploitation of a software vulnerability for unauthorized elevation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-48577Same product: Google Android
CVE-2024-34732Same product: Google Android
CVE-2026-0112Same product: Google Android
CVE-2024-56192Same product: Google Android
CVE-2025-48602Same product: Google Android
CVE-2026-0124Same product: Google Android
CVE-2024-49738Same product: Google Android
CVE-2024-40651Same product: Google Android
CVE-2026-0023Same product: Google Android
CVE-2025-48574Same product: Google Android

Affected Assets

google
android
14.0, 15.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly implements device lockscreen mechanisms whose bypass via race condition is the root cause of this CVE.

prevent

Enforces access-control decisions on the lockscreen; a race-condition flaw allows those decisions to be circumvented.

prevent

Process isolation reduces the shared-state windows that enable the race condition exploited to bypass the lockscreen.

References