ASB-A-418774489
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-418774489.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-418774489
- Aliases
-
- A-418774489
- CVE-2025-48598
- Published
- 2025-12-01T00:00:00Z
- Modified
- 2026-03-30T15:20:36.199724Z
- Summary
- [none]
- Details
-
In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae"
],
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/com/android/settings/biometrics/BiometricEnrollBase.java"
},
"id": "ASB-A-418774489-57c14015",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae",
"digest": {
"line_hashes": [
"164358292446425403139749726726513781660",
"316777641033177794087002808814949652722",
"96170362827097831696880654802211987672",
"304284772244789943916192519733825053893"
],
"threshold": 0.9
}
},
{
"match_only_versions": [
"16-qpr2-next"
],
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java"
},
"id": "ASB-A-418774489-8b183335",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae",
"digest": {
"line_hashes": [
"186785549826914843943866068411866225323",
"315028472796955980795779646946401173330",
"35404970899992931002612687254023013013",
"12825298277212009485899124275621755239",
"280468885579410514695079925957270217469",
"156535972210807430793695032895640265931"
],
"threshold": 0.9
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/com/android/settings/biometrics/BiometricEnrollBase.java",
"function": "onCreate"
},
"id": "ASB-A-418774489-b4db7fe1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae",
"digest": {
"function_hash": "329966894273609445621865965388559004592",
"length": 2432.0
}
},
{
"match_only_versions": [
"16-qpr2-next"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java",
"function": "launchFaceSettingsActivity"
},
"id": "ASB-A-418774489-bb028148",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae",
"digest": {
"function_hash": "11508865566560324099240220405611960517",
"length": 790.0
}
}
],
"severity": "High"
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6"
],
"spl": "2025-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/com/android/settings/biometrics/BiometricEnrollBase.java",
"function": "onCreate"
},
"id": "ASB-A-418774489-013262da",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6",
"digest": {
"function_hash": "237405190376230676314028530074565547843",
"length": 1609.0
}
},
{
"match_only_versions": [
"16"
],
"signature_type": "Function",
"signature_version": "v1",
"target": {
"file": "src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java",
"function": "launchFaceSettingsActivity"
},
"id": "ASB-A-418774489-83a14c57",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6",
"digest": {
"function_hash": "11508865566560324099240220405611960517",
"length": 790.0
}
},
{
"match_only_versions": [
"16"
],
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/com/android/settings/biometrics/BiometricEnrollBase.java"
},
"id": "ASB-A-418774489-c39cdde9",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6",
"digest": {
"line_hashes": [
"175366547636974410058606002983338262830",
"298892286318765582080037194031501187305",
"96170362827097831696880654802211987672",
"303098064685063802093520040777705395616"
],
"threshold": 0.9
}
},
{
"match_only_versions": [
"16"
],
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java"
},
"id": "ASB-A-418774489-e431c367",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6",
"digest": {
"line_hashes": [
"186785549826914843943866068411866225323",
"315028472796955980795779646946401173330",
"35404970899992931002612687254023013013",
"12825298277212009485899124275621755239",
"280468885579410514695079925957270217469",
"156535972210807430793695032895640265931"
],
"threshold": 0.9
}
}
],
"severity": "High"
}