Google has launched important safety updates to deal with a number of zero-day vulnerabilities affecting Android units worldwide.
The December 2025 safety bulletin reveals that menace actors are actively exploiting no less than two of those vulnerabilities in real-world assaults, prompting pressing motion from the tech big.
Vital Vulnerabilities Beneath Lively Exploitation
The 2 most regarding vulnerabilities being actively exploited are CVE-2025-48633 and CVE-2025-48572, each labeled as data disclosure (ID) points with excessive severity rankings.
These vulnerabilities reside in Android’s Framework part and require quick consideration from gadget producers and customers.
CVE-2025-48633 poses a big danger by permitting unauthorized disclosure of knowledge on affected variations of Android 13, 14, 15, and 16.
Equally, CVE-2025-48572 is assessed as a privilege escalation vulnerability that might allow attackers to realize elevated entry on susceptible units.
AspectCVE-2025-48572CVE-2025-48633Vulnerability TypeElevation of Privilege (EoP)Info Disclosure (ID)Severity RatingHighHighComponentAndroid FrameworkAndroid FrameworkAffected VersionsAndroid 13, 14, 15, 16Android 13, 14, 15, 16Impact DescriptionAllows attacker to realize elevated system privileges with out requiring extra permissionsEnables unauthorized entry to delicate gadget data and information
Most Extreme Risk: Distant Denial of Service
Whereas CVE-2025-48633 and CVE-2025-48572 signify essentially the most actively exploited threats, the safety bulletin identifies an much more important vulnerability.
CVE-2025-48631 stands out as essentially the most extreme challenge on this month’s replace, able to inflicting distant denial-of-service assaults.
What makes this vulnerability significantly harmful is that attackers want no extra execution privileges to take advantage of it, which means even unauthenticated attackers may set off it.
Google’s safety response is complete, addressing over 30 vulnerabilities throughout a number of Android parts.
Safety patch ranges resolve these points, with supply code patches to be launched to the Android Open-Supply Challenge inside 48 hours of the bulletin’s publication.
The Framework part dominates this month’s updates, with vulnerabilities together with privilege escalation flaws (CVE-2025-22420, CVE-2025-48525).
Denial-of-service points and knowledge disclosure vulnerabilities affecting Android variations 13 by 16. Google emphasizes that customers can considerably scale back their danger by quick motion.
The corporate has applied a number of layers of safety by the Android safety platform and Google Play Shield, that are enabled by default on units with Google Cell Providers.
Safety consultants advise customers to put in accessible updates instantly, significantly these utilizing Android 13, 14, 15, or 16.
Gadget producers obtained advance notification no less than one month earlier than the general public bulletin launch, permitting them time to organize patches for his or her particular units.
Android gadget homeowners ought to prioritize checking for accessible safety updates of their gadget settings. Customers can confirm their present safety patch degree by their gadget’s About Telephone part.
Instant set up of patches addressing the December 5, 2025, safety degree is strongly really useful, particularly for units that energetic exploits could goal.
Moreover, customers ought to guarantee Google Play Shield stays enabled and think about limiting app set up to the official Google Play Retailer, because the system actively displays for doubtlessly dangerous purposes which may exploit these vulnerabilities.
