Pair of Android vulnerabilities added to CISA’s KEV Catalog

Google said there were “indications” of active exploitation of CVE-2025-48633 and CVE-2025-48572, and now the US cyber agency has confirmed it.


The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a pair of Android vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, days after Google disclosed them alongside more than 100 other patches to its operating system.

Oddly, while the vulnerabilities have been disclosed, their CVE numbers – CVE-2025-48633 and CVE-2025-48572 – have only been reserved by the CVE Numbering Authority (in this case, Android, in association with Google). Once the CNA shares more details about the issues, the CVE entries will be updated.

CVE-2025-48572 is a privilege escalation vulnerability in the Android Framework, while CVE-2025-48633 is an information disclosure vulnerability in the Android Framework. Both are rated as High Severity vulnerabilities, though beyond that, Google has not shared any details of how they work.


All Google said was that there are “indications” that the two CVEs “may be under limited, targeted exploitation”.

Among the other 105 vulnerabilities addressed by Google is one Critical Severity bug, CVE-2025-48631, which Google covered in more detail.

“The most severe of these issues is a critical security vulnerability in the Framework component that could lead to remote denial of service with no additional execution privileges needed,” Google said.

“The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed.”

Hopefully, this one doesn’t get added to the KEV Catalog anytime soon.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
