{"id":"ASB-A-418774489", "published":"2025-12-01T00:00:00Z", "modified":"2026-04-03T15:37:31.002635057Z", "aliases":["CVE-2025-48598", "A-418774489"], "details":"In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/apps/Settings", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"16-qpr2-next:0"}, {"fixed":"16-qpr2-next:2025-12-01"}]}], "versions":["16-qpr2-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae"], "severity":"High", "spl":"2025-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["164358292446425403139749726726513781660", "316777641033177794087002808814949652722", "96170362827097831696880654802211987672", "304284772244789943916192519733825053893"], "threshold":0.9}, "id":"ASB-A-418774489-57c14015", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae", "target":{"file":"src/com/android/settings/biometrics/BiometricEnrollBase.java"}}, {"deprecated":false, "digest":{"line_hashes":["186785549826914843943866068411866225323", "315028472796955980795779646946401173330", "35404970899992931002612687254023013013", "12825298277212009485899124275621755239", "280468885579410514695079925957270217469", "156535972210807430793695032895640265931"], "threshold":0.9}, "id":"ASB-A-418774489-8b183335", "match_only_versions":["16-qpr2-next"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae", "target":{"file":"src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java"}}, {"deprecated":false, "digest":{"function_hash":"329966894273609445621865965388559004592", "length":2432}, "id":"ASB-A-418774489-b4db7fe1", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae", "target":{"file":"src/com/android/settings/biometrics/BiometricEnrollBase.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"function_hash":"11508865566560324099240220405611960517", "length":790}, "id":"ASB-A-418774489-bb028148", "match_only_versions":["16-qpr2-next"], "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Settings/+/c07d03e5ef9ff05f34b6358440af6770044579ae", "target":{"file":"src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java", "function":"launchFaceSettingsActivity"}}]}}, {"package":{"name":"platform/packages/apps/Settings", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"16:0"}, {"fixed":"16:2025-12-01"}]}], "versions":["16"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6"], "severity":"High", "spl":"2025-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"237405190376230676314028530074565547843", "length":1609}, "id":"ASB-A-418774489-013262da", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6", "target":{"file":"src/com/android/settings/biometrics/BiometricEnrollBase.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"function_hash":"11508865566560324099240220405611960517", "length":790}, "id":"ASB-A-418774489-83a14c57", "match_only_versions":["16"], "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6", "target":{"file":"src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java", "function":"launchFaceSettingsActivity"}}, {"deprecated":false, "digest":{"line_hashes":["175366547636974410058606002983338262830", "298892286318765582080037194031501187305", "96170362827097831696880654802211987672", "303098064685063802093520040777705395616"], "threshold":0.9}, "id":"ASB-A-418774489-c39cdde9", "match_only_versions":["16"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6", "target":{"file":"src/com/android/settings/biometrics/BiometricEnrollBase.java"}}, {"deprecated":false, "digest":{"line_hashes":["186785549826914843943866068411866225323", "315028472796955980795779646946401173330", "35404970899992931002612687254023013013", "12825298277212009485899124275621755239", "280468885579410514695079925957270217469", "156535972210807430793695032895640265931"], "threshold":0.9}, "id":"ASB-A-418774489-e431c367", "match_only_versions":["16"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/Settings/+/e0476f87117c1b689b96c9a37ac12162d79c6cf6", "target":{"file":"src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2025-12-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/packages/apps/Settings/+/83447688f8e3e8f009f1e7d275a14ea00ee7953a"}]}