High Threat Security Alert (A25-12-01): Multiple Vulnerabilities in Android


 

Published on: 02 December 2025

Description:

Google has released Android Security Bulletin December 2025 to fix multiple security vulnerabilities in Android operating system. The list of security updates can be found at:
https://source.android.com/docs/security/bulletin/2025-12-01

Android indicates that escalation of privilege vulnerability (CVE-2025-48572) and information disclosure vulnerability (CVE-2025-48633) may be under limited, targeted exploitation. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • Android version 13, 14, 15 and 16

 

Impact:

Depending on the vulnerabilities exploited, a successful attack could lead to denial of service, elevation of privilege or information disclosure on an affected system.

 

Recommendation:

Some manufacturers have fixed or have planned to fix the vulnerabilities in their Android systems. Users are recommended to consult the product vendors to confirm the availability of patches. If patches are available, users should upgrade to the fixed versions or follow the recommendations provided by the product vendors to mitigate the risk.

 

More Information:

  • https://source.android.com/docs/security/bulletin/2025-12-01
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40130
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35970
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3012
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6349
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6573
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8045
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11131 (to CVE-2025-11133)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20725 (to CVE-2025-20727)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20730
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20750 (to CVE-2025-20759)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20790 (to CVE-2025-20792)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22420
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22432
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25177
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27053 (to CVE-2025-27054)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27070
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27074
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31717 (to CVE-2025-31718)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32319
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32328 (to CVE-2025-32329)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38236
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38349
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38500
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46711
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47319
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47323
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47351
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47354
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47370
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47372
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47382
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48525
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48536
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48555
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48564 (to CVE-2025-48566)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48572 (to CVE-2025-48573)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48575 (to CVE-2025-48576)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48580
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48583 (to CVE-2025-48584)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48586
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48588 (to CVE-2025-48592)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48594
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48596 (to CVE-2025-48601)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48603 (to CVE-2025-48604)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48607
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48610
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48612
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48614 (to CVE-2025-48615)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48617 (to CVE-2025-48618)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48620 (to CVE-2025-48624)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48626 (to CVE-2025-48629)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48631 (to CVE-2025-48633)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48637 (to CVE-2025-48639)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61607 (to CVE-2025-61610)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61617 (to CVE-2025-61619)


Tag: Android
Tags