CVE Catalog

CVE-2025-48617

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.08%

0th percentile — higher than 0% of all known CVEs

Summary

In CarrierConfigLoader.java's overrideConfig, there is a possible way to bypass UID check due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed.

Risk Assessment

The organization may be exposed to local privilege escalation, potentially leading to unauthorized access to system resources.

Recommendation

It is recommended to review and update permission configurations and monitor system access to minimize risk.

Original NVD description (English source)

In overrideConfig of CarrierConfigLoader.java, there is a possible way to bypass UID check due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS