🚨 CRITICAL ALERT: Active Zero-Day Exploits

Google has disclosed active, targeted exploitation of CVE-2025-48595, a critical Android vulnerability with a CVSS score of 8.4 that can lead to code execution through an integer overflow and local privilege escalation without requiring user interaction. This vulnerability is included in CISA’s Known Exploited Vulnerabilities catalog, making it an immediate priority for patching and containment.View NVD | CISA KEV

Critical Vulnerabilities (CVSS >= 8.0)

• CVE-2025-48595 (CVSS: 8.4): In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed, and user interaction is not needed for exploitation. Google has indicated signs of limited, targeted exploitation, and CISA has added it to the KEV list.View NVD | CISA KEV

⚡ Immediate Actions Required

Deploy the latest Android security updates immediately, prioritize devices running Android 14, 15, 16, and 16 QPR2, and verify installation of the newest patch level across all managed endpoints. Treat affected devices as exposed until confirmed patched, especially high-value or high-risk user populations, and monitor for signs of compromise consistent with targeted exploitation.View NVD | CISA KEV