The Cybersecurity and Infrastructure Safety Company (CISA) has added two crucial Android Framework vulnerabilities to its Recognized Exploited Vulnerabilities (KEV) catalog, signaling lively exploitation within the wild and prompting fast motion from organizations and machine customers worldwide.
The vulnerabilities CVE-2025-48572 and CVE-2025-48633 had been formally listed on December 2, 2025, and characterize a big risk to the thousands and thousands of Android gadgets in use throughout enterprise and client environments.
CVE-2025-48572 is an Android Framework privilege escalation vulnerability that permits attackers to raise their entry ranges on compromised gadgets.
This kind of vulnerability is hazardous as a result of it permits risk actors to bypass safety restrictions and achieve unauthorized management over delicate system features.
Complementing this risk, CVE-2025-48633 represents an data disclosure vulnerability within the Android Framework, probably exposing confidential person information and system data to malicious actors.
The addition of those vulnerabilities to CISA’s KEV catalog displays the company’s dedication to sustaining the authoritative supply of actively exploited safety vulnerabilities .
The KEV catalog serves as a crucial useful resource for community defenders, safety professionals, and organizations searching for to prioritize their vulnerability administration efforts successfully.
By monitoring real-world exploitation, CISA permits the cybersecurity group to focus remediation assets the place they matter most.
For organizations managing Android-based infrastructure or worker gadgets, the implications are substantial.
Android Zero-Day Vulnerability
CISA has set a due date of December 23, 2025, for remediation, offering a 21-day window for entities to deal with the vulnerabilities earlier than necessary compliance necessities take impact.
The company recommends making use of mitigations per vendor directions because the fast precedence. For these unable to implement patches or mitigations, discontinuing use of affected merchandise could also be needed to stop compromise.
The risk panorama surrounding Android vulnerabilities continues to evolve as attackers more and more goal the platform’s widespread deployment.
Android gadgets handle roughly 70% of the worldwide cell market share, making them enticing targets for risk actors searching for most influence.
The mix of privilege escalation and data disclosure vectors creates a compounding risk attackers can exploit these vulnerabilities in sequence to realize full system management whereas exfiltrating delicate information.
Organizations ought to combine these vulnerabilities into their vulnerability administration prioritization frameworks instantly.
CISA supplies a number of entry codecs for the KEV catalog together with CSV, JSON, and JSON Schema variants enabling seamless integration into safety instruments and platforms.
This accessibility ensures that even organizations with restricted assets can leverage CISA’s intelligence to enhance their safety posture.
Suggestions
The addition of those Android vulnerabilities displays broader patterns within the risk panorama, the place cell platforms more and more change into vectors for classy assaults.
Enterprise organizations ought to be certain that Cell System Administration (MDM) options are configured to implement well timed patching and that workers are notified of the significance of accepting safety updates promptly.
As remediation timelines strategy, organizations are inspired to reference CISA’s advisory steering and set up clear patching schedules.
The KEV catalog, up to date constantly as new exploited vulnerabilities emerge, stays a vital instrument for defenders searching for to remain forward of lively risk exercise.
Observe us on Google Information, LinkedIn, and X to Get On the spot Updates and Set GBH as a Most well-liked Supply in Google.
