Red Hot Cyber
A dangerous zero-day zero-click exploit threatens billions of Android devices

Redazione RHC : 5 November 2025 16:52

Google has issued an urgent advisory regarding a critical vulnerability in Android that allows attackers to execute arbitrary code on the device without any user interaction. The zero-click vulnerability was discovered in system components of the operating system and is described in the November 2025 Android Security Bulletin.

The vulnerability, identified as CVE-2025-48593, is considered one of the most dangerous in recent years. It affects several versions of the Android Open Source Project (AOSP), from 13 to 16, and can be exploited for remote code execution (RCE) without requiring additional privileges or action from the device owner.

Google estimates that attackers can exploit the bug by sending specially crafted network packets or distributing malicious apps via third-party stores and sideloaded installations. A successful attack allows full access to the device, including the ability to steal data, install ransomware, or turn the smartphone into a botnet. The issue has been logged internally with Android bug ID A-374746961 and has already been fixed in the latest AOSP builds.

The vulnerability results from improper handling of system processes, allowing arbitrary code injection during normal operations, such as app launches or background data synchronization. Researchers note that the symptoms of the vulnerability are similar to previous memory corruption incidents used to escalate privileges on the device.

The bulletin also identifies another vulnerability, CVE-2025-48581. It is classified as a high-severity escalation of privilege (EoP) vulnerability and also exists in the system component. Unlike CVE-2025-48593, exploitation requires prior access to the system, but it allows an application to gain unauthorized control of sensitive device functions.

Devices running Android 10 and later will be able to receive security updates, but owners of older models risk being left unprotected if manufacturers delay patch releases. Google recommends that all users check for updates as soon as possible via Settings > System > System Update and bring the device to security patch level 2025-11-01, which fully resolves these issues.
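A fleet check for the patch level named above, as an added example that is not from Google's bulletin or the original article: it reads the Android release and security patch level over adb and flags devices on releases 13 to 16 that are below 2025-11-01. The function names and output labels are this example's own, and counting later patch levels as patched is an assumption.

```shell
#!/bin/sh
# Added example: classify devices against the figures quoted in the article.
REQUIRED_SPL="2025-11-01"   # patch level the article says resolves both CVEs

# classify RELEASE SPL -> prints patched | vulnerable | not-listed | unknown
# Assumption: patch levels are cumulative, so any later date counts as patched.
# "not-listed" only means the release is outside the 13-16 range the article
# names for CVE-2025-48593; it is not a statement that the device is safe.
classify() {
    release=$1 spl=$2
    major=${release%%.*}                       # "14.0" -> "14"
    case $major in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    # The patch level must look like YYYY-MM-DD, otherwise refuse to guess.
    case $spl in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;
    esac
    if [ "$major" -lt 13 ] || [ "$major" -gt 16 ]; then
        echo not-listed; return 0
    fi
    # ISO dates compare correctly as integers once the dashes are removed.
    have=$(printf '%s' "$spl" | tr -d '-')
    need=$(printf '%s' "$REQUIRED_SPL" | tr -d '-')
    if [ "$have" -ge "$need" ]; then echo patched; else echo vulnerable; fi
}

# audit_device SERIAL: read both system properties over adb and classify them.
audit_device() {
    release=$(adb -s "$1" shell getprop ro.build.version.release | tr -d '\r')
    spl=$(adb -s "$1" shell getprop ro.build.version.security_patch | tr -d '\r')
    printf '%s\tAndroid %s\t%s\t%s\n' \
        "$1" "$release" "$spl" "$(classify "$release" "$spl")"
}

# audit_all: one report line per attached device that adb lists as "device".
audit_all() {
    adb devices | awk 'NR > 1 && $2 == "device" { print $1 }' |
    while read -r serial; do
        # adb shell would otherwise swallow the rest of the serial list on stdin
        audit_device "$serial" </dev/null
    done
}
```

Source the file and run `audit_all` with the devices attached and USB debugging authorised; `classify` can also be fed values exported from an MDM inventory.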

The company emphasizes that no active exploits have been registered yet, but the nature of the vulnerability makes it particularly dangerous for government officials and public figures, who are often singled out in targeted attacks.

Android fragmentation remains a key issue in the ecosystem, making timely responses from vendors crucial to protecting users. Experts recommend enabling automatic updates and avoiding installing apps from untrusted sources: this remains the most reliable way to minimize risks amid growing threats to mobile devices.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.
