3 matches found
CVE-2025-48651
In importWrappedKey of KMKeymasterApplet.java, there is a possible way access keys that should be restricted due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48651
Summary: CVE-2025-48651 pertains to StrongBox in Android. In KMKeymasterApplet.java’s importWrappedKey, insufficient input validation could allow access to restricted keys, enabling local information disclosure without extra privileges or user interaction. The issue is classed as a local vulnerab...
CVE-2025-48651
creationtimestamp| type| source ---|---|--- 2026-04-06 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0399/ 2026-04-09 10:24:22+00:00| seen| https://bsky.app/profile/stefan.infosec.exchange.ap.brid.gy/post/3mj2lplh4wbx2 2026-04-10 16:18:38+00:00| seen|...