Cyber Web Spider Blog – News

CISA Warns of Android 0-Day Use-After-Free Vulnerability Exploited in Attacks

Posted on September 5, 2025 By CWS

CISA has issued an urgent alert regarding a zero-day vulnerability in the Android operating system that is being actively exploited in real-world attacks.

The vulnerability, identified as CVE-2025-48543, is a high-severity issue that could allow attackers to gain elevated control over affected devices.

On Thursday, September 4, 2025, CISA added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling a confirmed and ongoing threat to users.

The vulnerability is described as a use-after-free vulnerability in the Android Runtime (ART), the core component responsible for executing applications on Android devices.

A malicious actor can exploit such a memory corruption bug to bypass the strong security confines of the Chrome browser sandbox, resulting in local privilege escalation.

Android 0-Day Use-After-Free Vulnerability

A successful exploit would effectively grant an attacker higher-level permissions on the device, transforming a low-privilege compromise into a significant system-wide breach. This could enable them to install persistent malware, access sensitive user data, or take further control of the compromised device.

According to the information released by CISA, the specific threat actors or the nature of the campaigns leveraging this exploit, such as its use in ransomware attacks, are currently unknown.

However, the inclusion in the KEV catalog confirms that security researchers have observed active exploitation in the wild, meaning attackers were using the flaw before a patch was publicly available.

In response to the active threat, CISA has issued a binding operational directive to all Federal Civilian Executive Branch (FCEB) agencies. These agencies are required to apply the necessary mitigations as instructed by the vendor by a deadline of September 25, 2025.

If patches are not available, agencies are instructed to discontinue use of the product to prevent potential compromise.

Google has addressed the vulnerability in its September 2025 Android Security Bulletin, released on September 1. CISA’s advisory urges all organizations, as well as individual Android users, to prioritize installing this security update as soon as it is made available by their device manufacturer.

Given the severity of a privilege escalation flaw, all Android users are strongly encouraged to check for and apply the latest system updates immediately. To do so, users can typically navigate to Settings > System > System update.

Prompt patching remains the most critical defense against vulnerabilities that are being actively used in cyberattacks.
