
Vulnerabilities in Android Framework Cataloged by U.S. CISA as Known Exploited

  • Dec 2, 2025

Key Findings


  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:

      • CVE-2025-48572: Android Framework Privilege Escalation Vulnerability

      • CVE-2025-48633: Android Framework Information Disclosure Vulnerability


Background


  • The two high-severity vulnerabilities are reported to be "under limited, targeted exploitation" in the wild.

  • Google's latest Android update for December 2025 patched a total of 107 vulnerabilities, including the two exploited flaws in the Android Framework.

  • According to Binding Operational Directive (BOD) 22-01, federal agencies must address the identified vulnerabilities in the KEV catalog by the due date to protect their networks.

  • CISA has ordered federal agencies to fix the Android Framework vulnerabilities by December 23, 2025.


Vulnerability Details


CVE-2025-48572 - Android Framework Privilege Escalation Vulnerability


  • This vulnerability could allow an attacker to escalate their privileges on an affected Android device.

  • The flaw was reported to be under limited, targeted exploitation in the wild prior to the patch release.


CVE-2025-48633 - Android Framework Information Disclosure Vulnerability


  • This vulnerability could enable an attacker to obtain sensitive information from an affected Android device.

  • Like the privilege escalation flaw, this information disclosure issue was also being exploited in targeted attacks before the fix was made available.


Recommendations


  • Google has released security updates to address these vulnerabilities, and users are advised to update their devices to the latest patch level as soon as possible.

  • Private organizations are also advised to review the CISA KEV catalog and address the identified Android vulnerabilities in their infrastructure.

  • Federal agencies must comply with CISA's directive and fix the flaws by the December 23, 2025 deadline to protect their networks.


Sources


  • https://securityaffairs.com/185252/security/u-s-cisa-adds-android-framework-flaws-to-its-known-exploited-vulnerabilities-catalog.html

  • https://thehackernews.com/2025/12/google-patches-107-android-flaws.html

  • https://securityonline.info/android-emergency-critical-dos-flaw-and-2-exploited-zero-days-in-framework-require-immediate-patch/

  • https://x.com/shah_sheikh/status/1995971875659235615

  • https://windowsforum.com/threads/cisa-kev-spotlight-android-framework-cve-2025-48633-patch-urgency.391877/post-947917

  • https://thecyberexpress.com/cisa-warns-android-vulnerabilities-attacked/

© 2025 by Explain IT Again. Powered and secured by Wix
