
Google has issued the Android security bulletin for December 2025, which addresses 107 vulnerabilities, including two issues that are currently exploited in targeted attacks.
CVE-2025-48633 and CVE-2025-48572 are the two high-severity vulnerabilities identified. They are information disclosure and elevation-of-privilege problems that impact Android versions 13-16.
Of the two exploited zero-days, CVE-2025-48633 is an information disclosure issue in the Android Framework component, and CVE-2025-48572 is a privilege escalation issue, also in the Android Framework.
The December Android advisory states that there are indications that these two vulnerabilities may be under limited, targeted exploitation.
Exploiting these issues could allow attackers to get sensitive information or greater levels of system access on a vulnerable device.
While Google has not provided any technical or exploitation information regarding the weaknesses, comparable flaws have previously been leveraged for targeted exploitation by commercial spyware or nation-state operations aimed at a small number of high-interest persons.
CVE-2025-48631, a denial-of-service (DoS) issue in the Android Framework, is the most severe vulnerability fixed this month.
This month’s upgrades fix 51 weaknesses in Android Framework and System components, which are covered by the 2025-12-01 Patch Level, as well as 56 issues in the Kernel and third-party closed-source components that are covered by the 2025-12-05 Patch Level.
There are four critical-severity updates for elevation-of-privilege problems in the kernel’s pKVM and IOMMU subcomponents, as well as two critical fixes for Qualcomm-powered devices (CVE-2025-47319 and CVE-2025-47372).
Qualcomm and MediaTek’s security bulletins for December 2025 contain more details about the fixes for closed-source components.
Samsung also released a security bulletin, which included fixes ported from the Google update as well as vendor-specific changes.
While the updates target Android 13 and above, certain essential patches may also roll out to Android 10 and later via Google Play system updates.
Furthermore, Play Protect can detect and stop known malware and attack chains, so users of any Android version should keep the component up to date and active.
Those running older Android versions should either use a third-party distribution that regularly incorporates Google’s security fixes, or upgrade to a newer device model that is actively supported.
To reduce these dangers, users should upgrade their Android devices as soon as possible. Google Pixel smartphones often receive updates instantly, although other manufacturers deliver patches on their own schedules.
To check for updates on an Android device, open the Settings application.
Go to System > System Update (or About Phone > Software Updates, depending on the device brand).
To protect yourself from any risks, make sure your device’s security patch level is 2025-12-05 or later.
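For checking the patch level from a workstation rather than the Settings screen, the following added example (not part of the original article or Google's bulletin) classifies a patch-level string against the two December 2025 levels described above. The function names are illustrative and the sample values are constructed; reading a live device assumes adb is installed and USB debugging is enabled.

```shell
#!/bin/sh
# Added example: classify an Android security patch level against the
# two patch levels of the December 2025 bulletin named in the article.

FRAMEWORK_LEVEL=20251201   # 2025-12-01: Framework and System fixes
FULL_LEVEL=20251205        # 2025-12-05: adds Kernel and closed-source component fixes

# classify_patch_level YYYY-MM-DD
# Prints one of: full | partial | outdated | invalid
classify_patch_level() {
    # Reject anything that is not a YYYY-MM-DD string before comparing.
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo invalid; return 0 ;;
    esac
    # ISO dates compare correctly as integers once the dashes are removed.
    n=$(printf '%s' "$1" | tr -d '-')
    if [ "$n" -ge "$FULL_LEVEL" ]; then
        echo full        # all fixes in this bulletin
    elif [ "$n" -ge "$FRAMEWORK_LEVEL" ]; then
        echo partial     # Framework/System fixes only
    else
        echo outdated    # predates this bulletin
    fi
}

# Read the patch level from a USB-connected device.
# Not called below, so the script also runs without a device attached.
device_patch_level() {
    adb shell getprop ro.build.version.security_patch | tr -d '\r'
}

# Constructed sample values (not taken from real devices).
for level in 2025-11-05 2025-12-01 2025-12-05 2026-01-01 unknown; do
    printf '%-12s %s\n' "$level" "$(classify_patch_level "$level")"
done
```

With a device attached, `classify_patch_level "$(device_patch_level)"` reports its status; a result of `partial` means the device still lacks the Kernel and closed-source component fixes.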
Users can also find further information in the official Android Security Bulletin for December 2025.







