CVE-2025-48568

High

Published: 02 March 2026

Published

02 March 2026

Modified

06 March 2026

KEV Added

—

Patch

—

CVSS Score 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0000 0.1th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-48568 is a high-severity Race Condition (CWE-362) vulnerability in Google Android. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068).

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

AU-8 Time Stamps

addresses: CWE-362

Accurate timestamps from internal clocks enable detection of race conditions by providing reliable event ordering in audit logs.

PL-6 Security-related Activity Planning

addresses: CWE-362

Coordination of concurrent security activities reduces the probability that shared resources will be accessed simultaneously without proper synchronization.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

Race condition enables local privilege escalation via lockscreen bypass, directly mapping to exploitation of a software vulnerability for unauthorized elevation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

In multiple locations, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Deeper analysisAI

CVE-2025-48568 is a race condition vulnerability (CWE-362) present in multiple locations within Android, enabling a possible lockscreen bypass. This flaw could lead to local escalation of privilege without requiring additional execution privileges or user interaction. Published on 2026-03-02, it carries a CVSS v3.1 base score of 7.4 (AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H), indicating high confidentiality, integrity, and availability impacts.

A local attacker with no privileges can exploit this vulnerability due to the race condition, bypassing the lockscreen to achieve escalation of privilege on the device. Exploitation is feasible without user interaction but demands high attack complexity, limiting it to adversaries with local access, such as through physical device possession or prior low-privilege code execution.

The Android security bulletin at https://source.android.com/docs/security/bulletin/2026/2026-03-01 details patches and mitigation recommendations for affected Android versions.

Details

CWE(s): CWE-362

Affected Products

google

android

14.0, 15.0

CVEs Like This One

CVE-2025-48577Same product: Google Android

CVE-2026-0112Same product: Google Android

CVE-2025-48574Same product: Google Android

CVE-2025-36920Same product: Google Android

CVE-2026-0011Same product: Google Android

CVE-2026-0020Same product: Google Android

CVE-2026-0117Same product: Google Android

CVE-2024-53833Same product: Google Android

CVE-2026-0010Same product: Google Android

CVE-2026-0037Same product: Google Android

References

https://source.android.com/docs/security/bulletin/2026/2026-03-01
security@android.com