—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Android 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Android versions 13, 14, 15, 16

Overview

Multiple vulnerabilities have been reported in Android, which could allow an attacker to gain elevated privileges, obtain sensitive information, execute arbitrary code, or cause denial of service (DoS) condition on the targeted system.

Target Audience:

All OEMs and users of Android.

Risk Assessment:

High risk of unauthorized access of data and system instability.

Impact Assessment:

Gain elevated privileges, disclose sensitive information, execute arbitrary code, denial of service (DoS).

Description

Android is an open-source operating system primarily designed for mobile devices, including smart phones, tablets, smart watches, and other embedded system.

Multiple vulnerabilities exist in Android due to flaws in the Framework, Android Runtime, System, Widevine DRM, Project Mainline components, Kernel, Arm components, Imagination Technologies, MediaTek components, Qualcomm components and Qualcomm closed-source components.

Successful exploitation of these vulnerabilities could allow an attacker gain elevated privileges, obtain sensitive information, execute arbitrary code, or cause denial of service (DoS) condition on the targeted system.

Solution

Apply appropriate updates as mentioned in:

https://source.android.com/docs/security/bulletin/2025-09-01

References

Android

https://source.android.com/docs/security/bulletin/2025-09-01

CVE Name

CVE-2023-24023

CVE-2021-39810

CVE-2024-47898

CVE-2024-47899

CVE-2024-49714

CVE-2024-7881

CVE-2025-0076

CVE-2025-0089

CVE-2025-021701

CVE-2025-0467

CVE-2025-1246

CVE-2025-1706

CVE-2025-20696

CVE-2025-20703

CVE-2025-20704

CVE-2025-20708

CVE-2025-21427

CVE-2025-21432

CVE-2025-21433

CVE-2025-21446

CVE-2025-21449

CVE-2025-21450

CVE-2025-21454

CVE-2025-21464

CVE-2025-21465

CVE-2025-21477

CVE-2025-21481

CVE-2025-21482

CVE-2025-21483

CVE-2025-21484

CVE-2025-21487

CVE-2025-21488

CVE-2025-21755

CVE-2025-25179

CVE-2025-25180

CVE-2025-26454

CVE-2025-26464

CVE-2025-27032

CVE-2025-27034

CVE-2025-27042

CVE-2025-27043

CVE-2025-27052

CVE-2025-27056

CVE-2025-27057

CVE-2025-27061

CVE-2025-27065

CVE-2025-27066

CVE-2025-27073

CVE-2025-3212

CVE-2025-32321

CVE-2025-32323

CVE-2025-32324

CVE-2025-32325

CVE-2025-32326

CVE-2025-32327

CVE-2025-32330

CVE-2025-32331

CVE-2025-32332

CVE-2025-32333

CVE-2025-32345

CVE-2025-32346

CVE-2025-32347

CVE-2025-32349

CVE-2025-32350

CVE-2025-38352

CVE-2025-38352

CVE-2025-46707

CVE-2025-46708

CVE-2025-46710

CVE-2025-47317

CVE-2025-47318

CVE-2025-47326

CVE-2025-47328

CVE-2025-47329

CVE-2025-48522

CVE-2025-48523

CVE-2025-48524

CVE-2025-48526

CVE-2025-48527

CVE-2025-48528

CVE-2025-48529

CVE-2025-48531

CVE-2025-48532

CVE-2025-48534

CVE-2025-48535

CVE-2025-48537

CVE-2025-48538

CVE-2025-48539

CVE-2025-48540

CVE-2025-48541

CVE-2025-48542

CVE-2025-48543

CVE-2025-48544

CVE-2025-48545

CVE-2025-48546

CVE-2025-48547

CVE-2025-48548

CVE-2025-48549

CVE-2025-48550

CVE-2025-48551

CVE-2025-48552

CVE-2025-48553

CVE-2025-48554

CVE-2025-48556

CVE-2025-48558

CVE-2025-48559

CVE-2025-48560

CVE-2025-48561

CVE-2025-48562

CVE-2025-48563

CVE-2025-48581

CVE-2025-8109

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmi4USMACgkQ3jCgcSdc

ys/43w/8Dmp0CA9cCjJoOVUR81kd+utvzuezklwwH6jTFUUN+r0LrFGnpaaDjwD6

0Dns9WDQwj0j7nmgbi45/R/EusIkIL07Wg6oPb3pkLLBXZq8fbRB9Dj37d6XapLr

X9w0vcoQoXvvhB96VaOFjJ8dxIkcaSPzfC483TXYCW4ia9wQmj8zwSUSSKqtoOKH

AWrkEI7lbp8DEu82vN22EPDBvBA99+hS2murE0BmcbsjByNN9RfbT3XkVzuIamq6

1asROWlR9Xd9ihC0aQXf8v8IeBbK6EsUSEmYtbammOOhfcUX30ARK9lUb29cUQnq

NZP7qCK4rL+w/Lc513jtSHLkr8KO/TBzkx8+5fYp1Ot0w/CgOwtWlaXC0nhLWObq

6Aq52H1S/yHnYOmm0xJwhWuQUHpWtye5/57jCU/HLw1KMPG4SNjUnZIbOhWANCZa

m0GHaMxfZvkxGJTobH2xOAJ3tAt2LN6Z4IINYykA/5RYkVlqc11fLSzLcV6S6oNC

6qn7kXD6UOhXRuYUw7tQqeloq0b18hyKI/D11Qv2hAGEblzItk4o8DBA/rAvqHjk

etu1lmwlpxAj15W3uUrUXrf7eKjLU9Nc62CTa/Uvxw2HwURc5mHSp1p0oDqlROS4

3HyiBnc8B15wppGXMhDSgZ9lgtGTTZaw4esgKy+ltM3I+GIlJeg=

=6AIG

—–END PGP SIGNATURE—–