Ongoing attacks involving a pair of high-severity Android Framework flaws have prompted their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal civilian executive branch agencies urged to remediate both security weaknesses by Dec. 23, according to Security Affairs.

Threat actors could leverage the issues, tracked as CVE-2025-48572 and CVE-2025-48633, to facilitate privilege escalation and information compromise, said CISA, which also called on private entities to examine the updated KEV list and promptly implement fixes.

The development comes after Google addressed both bugs, which have been used in "limited, targeted exploitation", along with 105 other Android issues across system, kernel, and major vendor components as part of this month's security update. The update has been divided into two patch levels in a bid to hasten remediation efforts, noted Google.
Vulnerability Management, Patch/Configuration Management
Android Framework bugs added to CISA KEV list




