By The Hacker News
Publication Date: 2025-12-02 07:17:00
Google on Monday released monthly security updates for the Android operating system, including two vulnerabilities that it said have been exploited in the wild.
The patch addresses a total of 107 security flaws spanning different components, including Framework, System, Kernel, as well as those from Arm, Imagination Technologies, MediaTek, Qualcomm, and Unison.
The two high-severity shortcomings that have been exploited are listed below –
- CVE-2025-48633 – An information disclosure vulnerability in Framework
- CVE-2025-48572 – An elevation of privilege vulnerability in Framework
As is customary, Google has not released any additional details about the nature of the attacks, exploiting them, if they have been chained together or used separately, and the scale of such efforts. It’s not known who is behind the attacks.
However, the tech giant acknowledged in its advisory that there are indications they “may be under…
