Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)
Summary
Google has addressed 51 vulnerabilities in Android, including two high-severity flaws (CVE-2025-48633 and CVE-2025-48572) that are potentially under targeted exploitation. Both vulnerabilities impact the Android Framework, which is essential for app development, and could allow malicious applications to access sensitive information.
Original Article Summary
Google has shipped patches for 51 Android vulnerabilities, including two high-severity flaws (CVE-2025-48633, CVE-2025-48572) that “may be under limited, targeted exploitation”. According to the December Android security bulletin, both vulnerabilities affect the Android Framework, which is a collection of core software components, libraries, and APIs that developers use to build Android apps. Their exact nature has yet to be revealed, but the bulletin notes that CVE-2025-48633 can be exploited by Android applications to access sensitive … More → The post Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572) appeared first on Help Net Security.
Impact
Android Framework; potentially all devices running affected versions of Android.
In the Wild
Yes
Timeline
Disclosed on December 2025
Remediation
Patches have been released to address the vulnerabilities. Users are advised to update their devices to the latest Android version as per the December Android security bulletin.