CVSS score: 8.4

Android Lockscreen Bypass Possible with Local Privilege Escalation

CVE-2025-48605 ASB-A-395640609
Summary

A flaw in the Android lockscreen code could allow an attacker with local access to gain elevated privileges without needing to enter a password or PIN. This means an attacker could potentially access sensitive information on the device. Update your Android system to the latest version to fix this issue.

What to do
  • Update google platform/frameworks/base to version 16-qpr2-next:2026-03-01.
  • Update google platform/frameworks/base to version 15:2026-03-01.
  • Update google platform/frameworks/base to version 16:2026-03-01.
  • Update google platform/frameworks/base to version 14:2026-03-01.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| google | android | 14.0 | |
| google | android | 15.0 | |
| google | android | 16.0 | |
| google | android | 16.0 | |
| google | android | 16.0 | |
| google | android | 16.0 | |
| google | platform/frameworks/base | > 16-qpr2-next:0, <= 16-qpr2-next:2026-03-01 | 16-qpr2-next:2026-03-01 |
| google | platform/frameworks/base | > 15:0, <= 15:2026-03-01 | 15:2026-03-01 |
| google | platform/frameworks/base | > 16:0, <= 16:2026-03-01 | 16:2026-03-01 |
| google | platform/frameworks/base | > 14:0, <= 14:2026-03-01 | 14:2026-03-01 |
Original title
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execu...
Original description
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
NVD CVSS 3.1: 8.4
Vulnerability type
CWE-693 Protection Mechanism Failure
Published: 1 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026