Platform: android
Component: kmkeymasterapplet
Fixed in: unknown
CVE-2025-48651 is a High severity vulnerability in StrongBox, a component within Android's System-on-Chip (SoC). The flaw could allow unauthorized access or control, impacting the overall security of devices. It affects Android SoCs with security patch levels prior to April 5, 2026. A security patch addressing this issue was released on April 5, 2026.
CVE-2025-48651 in Android affects the KMKeymasterApplet.java component, specifically the 'importWrappedKey' function. A flaw in input validation has been identified, allowing unauthorized access to keys that should be restricted. This could result in local information disclosure, where an attacker could gain access to sensitive data stored as encrypted keys. The concerning aspect is that exploitation requires no additional privileges or user interaction, increasing the risk of a successful attack. The severity of this vulnerability lies in its ease of exploitation and the potential damage it can cause by compromising the security of stored data.
The vulnerability is exploited through the 'importWrappedKey' function in KMKeymasterApplet.java. An attacker could manipulate the input to this function to bypass security validations and access protected keys. Given that no user interaction or elevated privileges are required, exploitation can be automated and potentially silent. The exploitation context likely involves accessing device memory or manipulating system processes to influence the behavior of the vulnerable function. The lack of a known fix implies that unpatched Android devices are susceptible to this type of attack until a correction is implemented.
Exploit Status
EPSS: 0.01% (0% percentile)
Currently, no official fix has been released for CVE-2025-48651. We strongly recommend Android users keep their devices updated with the latest security patches provided by their device manufacturer. These updates, once available, will likely include a patch for this vulnerability. Additionally, application developers should securely utilize Android APIs and implement their own input validation measures to mitigate the risk of exploitation. Monitoring official Android security sources and device manufacturer security bulletins is crucial to stay informed about updates and recommendations.
Apply the latest Android security update provided by Google. This update addresses the information disclosure vulnerability by correcting the input validation in the importWrappedKey function of the KMKeymasterApplet.
The vulnerability could allow access to encrypted keys protecting sensitive data such as passwords, authentication information, financial data, and other personal information.
The vulnerability affects Android devices that have not received the latest security updates. Check your device's Android version and look for available updates.
If you suspect your device has been compromised, change your passwords, perform a factory reset (after backing up your data), and contact a cybersecurity professional.
Currently, there are no specific tools to detect CVE-2025-48651. Android security updates are the best defense.
There is no confirmed release date for the fix. Monitor official Android security sources for updates.