CVE-2025-48590

5.5 MEDIUM

📋 TL;DR

This vulnerability allows a malicious Android app to cause resource exhaustion in the AppOpsService, potentially preventing emergency calls in limited circumstances. It affects Android devices running vulnerable versions; exploitation requires no user interaction or special permissions.

💻 Affected Systems

Products:
  • Android
Versions: Specific versions listed in Android Security Bulletin December 2025
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with vulnerable Android versions; requires malicious app installation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Emergency services dialing could be blocked on affected devices during critical situations, potentially preventing life-saving communications.

🟠 Likely Case

Local denial of service affecting emergency dialing functionality under specific resource-constrained conditions.

🟢 If Mitigated

Minimal impact with proper patching and app vetting through Google Play Protect.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires malicious app installation but no user interaction during exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch Level December 2025 or later

Vendor Advisory: https://source.android.com/security/bulletin/2025-12-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > System update.
2. Install December 2025 Android security patch.
3. Reboot device after installation.

🔧 Temporary Workarounds

Restrict app installations

Only install apps from trusted sources like Google Play Store with Play Protect enabled.

🧯 If You Can't Patch

  • Enable Google Play Protect and only install apps from official app stores
  • Monitor for suspicious app behavior and uninstall untrusted applications

🔍 How to Verify

Check if Vulnerable:

Check Android Security Patch Level in Settings > About phone > Android version. If patch level is before December 2025, device may be vulnerable.

Check Version:

Settings navigation only - no command line access on standard Android

Verify Fix Applied:

Verify Android Security Patch Level shows December 2025 or later in Settings > About phone > Android version.

📡 Detection & Monitoring

Log Indicators:

  • Excessive AppOpsService resource usage
  • Emergency dialing failures in system logs

Network Indicators:

  • No network indicators - local vulnerability only

SIEM Query:

Not applicable - local device vulnerability
