"Four of the critical flaws affect the core Android kernel. An attacker who exploited any of these could obtain higher privileges or access to an infected device, allowing them to take control of it. Another critical flaw affects the Android Framework, which lets apps interface with key system services. Here, someone could execute a remote denial of service attack to prevent you from using your device properly."
"But some of the flaws rated as High also pose serious threats. Among these, two may have already been exploited in targeted attacks, according to Google and CISA (Cybersecurity and Infrastructure Security Agency), which maintains a catalog of known vulnerabilities. In its own news release, CISA referred to these types of security bugs as a frequent attack vector for cybercriminals."
Google released the December 2025 Android Security Bulletin that fixes 107 vulnerabilities affecting Android 13 through 16. Most vulnerabilities are rated High, some Moderate, and several are rated Critical. Four Critical flaws affect the core Android kernel and could allow an attacker to obtain higher privileges or access to an infected device, enabling full control. Another Critical flaw affects the Android Framework and could permit a remote denial-of-service preventing normal device use. Two High-rated flaws may have already been exploited in targeted attacks, and one such flaw is tracked as CVE-2025-48572, an Android Framework privilege-escalation vulnerability.
Read at ZDNET
Unable to calculate read time
Collection
[
|
...
]