The Cybersecurity and Infrastructure Safety Company (CISA) has added two crucial Android Framework vulnerabilities to its Recognized Exploited Vulnerabilities (KEV) catalog, signaling energetic exploitation within the wild and prompting fast motion from organizations and system customers worldwide.
The vulnerabilities CVE-2025-48572 and CVE-2025-48633 had been formally listed on December 2, 2025, and signify a major risk to the hundreds of thousands of Android gadgets in use throughout enterprise and client environments.
CVE-2025-48572 is an Android Framework privilege escalation vulnerability that permits attackers to raise their entry ranges on compromised gadgets.
This sort of vulnerability is hazardous as a result of it permits risk actors to bypass safety restrictions and acquire unauthorized management over delicate system capabilities.
Complementing this risk, CVE-2025-48633 represents an data disclosure vulnerability within the Android Framework, probably exposing confidential person knowledge and system data to malicious actors.
The addition of those vulnerabilities to CISA’s KEV catalog displays the company’s dedication to sustaining the authoritative supply of actively exploited safety vulnerabilities .
The KEV catalog serves as a crucial useful resource for community defenders, safety professionals, and organizations in search of to prioritize their vulnerability administration efforts successfully.
By monitoring real-world exploitation, CISA allows the cybersecurity neighborhood to focus remediation sources the place they matter most.
For organizations managing Android-based infrastructure or worker gadgets, the implications are substantial.
Android Zero-Day Vulnerability
CISA has set a due date of December 23, 2025, for remediation, offering a 21-day window for entities to deal with the vulnerabilities earlier than obligatory compliance necessities take impact.
The company recommends making use of mitigations per vendor directions because the fast precedence. For these unable to implement patches or mitigations, discontinuing use of affected merchandise could also be mandatory to stop compromise.
The risk panorama surrounding Android vulnerabilities continues to evolve as attackers more and more goal the platform’s widespread deployment.
Android gadgets handle roughly 70% of the worldwide cell market share, making them engaging targets for risk actors in search of most influence.
The mix of privilege escalation and knowledge disclosure vectors creates a compounding risk attackers can exploit these vulnerabilities in sequence to achieve full system management whereas exfiltrating delicate knowledge.
Organizations ought to combine these vulnerabilities into their vulnerability administration prioritization frameworks instantly.
CISA offers a number of entry codecs for the KEV catalog together with CSV, JSON, and JSON Schema variants enabling seamless integration into safety instruments and platforms.
This accessibility ensures that even organizations with restricted sources can leverage CISA’s intelligence to enhance their safety posture.
Suggestions
The addition of those Android vulnerabilities displays broader patterns within the risk panorama, the place cell platforms more and more grow to be vectors for classy assaults.
Enterprise organizations ought to be certain that Cell Machine Administration (MDM) options are configured to implement well timed patching and that staff are notified of the significance of accepting safety updates promptly.
As remediation timelines method, organizations are inspired to reference CISA’s advisory steerage and set up clear patching schedules.
The KEV catalog, up to date repeatedly as new exploited vulnerabilities emerge, stays a vital device for defenders in search of to remain forward of energetic risk exercise.
Observe us on Google Information, LinkedIn, and X to Get Immediate Updates and Set GBH as a Most well-liked Supply in Google.
