AI description
CVE-2025-48561, also known as "Pixnapping," is a vulnerability affecting Android devices. It allows a malicious application to steal sensitive on-screen information, such as two-factor authentication codes, private messages, and financial data, from other apps or websites. This is achieved by exploiting Android APIs and a hardware side channel related to how graphics hardware processes visual data. The attack involves forcing content from a "victim" app into the rendering path using Android intents, then stacking semi-transparent activities and triggering visual effects to leak information about each pixel's value. By repeating this process, a malicious app can reconstruct what's on the screen, potentially stealing 2FA codes in under 30 seconds. Google has released mitigations in the September 2025 Android Security Bulletin.
- Description: In multiple locations, there is a possible way to access data displayed on the screen due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- Source: security@android.com
- NVD status: Analyzed
- Products: android
CVSS 3.1
- Type: Primary
- Base score: 5.5
- Impact score: 3.6
- Exploitability score: 1.8
- Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity: MEDIUM
- Hype score: Not currently trending
📚 Pixnapping (CVE-2025-48561) Pixnapping is a new class of attacks that allows a malicious Android app to stealthily leak information displayed by other Android apps or arbitrary websites. Pixnapping exploits Android APIs and a hardware side channel that affects nearly all ht
@IntCyberDigest
24 Oct 2025
1912 Impressions
3 Retweets
19 Likes
12 Bookmarks
1 Reply
0 Quotes
Pixnapping: the new threat to Android that allows stealing 2FA codes and private data https://t.co/lDxOedrPyf Recent research from four U.S. universities has revealed a critical vulnerability in Android known as Pixnapping (CVE-2025-48561).
@laboratoriolinu
23 Oct 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
• Researchers from four American universities published a study describing the Pixnapping attack technique (CVE-2025-48561), which makes it possible to infer information displayed on the screen in various apps, including Go
@altmemy199
14 Oct 2025
496 Impressions
0 Retweets
6 Likes
7 Bookmarks
0 Replies
0 Quotes
💡 How can verification codes (2FA) be stolen from Android devices? The video explains exploitation of the Pixnapping vulnerability (CVE-2025-48561). 🔹The idea: a malicious app opens the screen of the target app (such as Google Authent
@abdul__alamri
14 Oct 2025
3013 Impressions
9 Retweets
64 Likes
40 Bookmarks
3 Replies
0 Quotes
New Pixnapping Attack: allows any Android app without permissions to leak info displayed by other apps exploiting Android APIs and a hardware side channel (CVE-2025-48561) Pixnapping is not fixed and probably affects all Androids. PoC: Not available yet. Steal 2FA codes 👇 Fo
@minacrissDev_
14 Oct 2025
524 Impressions
0 Retweets
3 Likes
4 Bookmarks
0 Replies
0 Quotes
New Pixnapping Attack allows any Android app without permissions to leak info displayed by other apps exploiting Android APIs and a hardware side channel (CVE-2025-48561) Pixnapping is not fixed and probably affects all Androids. PoC: Not available yet. Video demonstrates https:/
@The_Hunt_x
14 Oct 2025
109 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
New Pixnapping Attack: allows any Android app without permissions to leak info displayed by other apps exploiting Android APIs and a hardware side channel (CVE-2025-48561) Pixnapping is not fixed and probably affects all Androids. PoC: Not available yet. Steal 2FA codes 👇 htt
@androidmalware2
14 Oct 2025
21895 Impressions
80 Retweets
376 Likes
223 Bookmarks
4 Replies
2 Quotes
CVE-2025-48561 In multiple locations, there is a possible way to access data displayed on the screen due to side channel information disclosure. This could lead to local information… https://t.co/Mo79YtGH5P
@CVEnew
4 Sept 2025
233 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
          },
          {
            "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
          },
          {
            "criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E"
          },
          {
            "criteria": "cpe:2.3:o:google:android:16.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D49E611-5D53-479D-A981-42388FDC0E8D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]