CISA has issued a warning that two high-severity Android zero-day vulnerabilities, CVE-2025-48572 and CVE-2025-48633, are currently being actively exploited. These vulnerabilities impact the Android framework and pose significant risks to organizations and users alike. #AndroidZeroDay #CISAAlert
Keypoints
- Two Android framework vulnerabilities are under active targeted attack shortly after Googleβs patch release.
- Vulnerabilities CVE-2025-48572 and CVE-2025-48633 are categorized as high-severity and may be exploited in limited attacks.
- CISA added these vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, urging prompt remediation.
- Additional critical vulnerabilities include a DoS flaw and several privilege escalation issues affecting the Android kernel and Qualcomm components.
- Googleβs December security bulletin also fixed seven other critical vulnerabilities, addressing various system and hardware security flaws.
Read More: https://thecyberexpress.com/cisa-warns-android-vulnerabilities-attacked/