Unrated severityCISA KEVNVD Advisory· Published Sep 4, 2025· Updated Feb 26, 2026
CVE-2025-48543
CVE-2025-48543
Description
In multiple locations, there is a possible way to escape chrome sandbox to attack android system_server due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
1- Critical Remote Code Execution Vulnerability Patched in AndroidSecurityWeek · May 5, 2026