448/68 Thursday, November 6, 2025
Google has released the November 2025 Android security update, addressing two significant vulnerabilities in the System component. One of the flaws is classified as critical, as it could enable Remote Code Execution (RCE) without requiring additional privileges or user interaction. These fixes are included in the Android security patch level 2025-11-01, which is the only patch set Google issued in this cycle.
The first vulnerability, CVE-2025-48593, stems from insufficient input validation and could allow an attacker to execute code remotely on the device (RCE). It affects Android versions 13, 14, 15, and 16.
The second vulnerability, CVE-2025-48581, is located in the apexd.cpp file and involves a flaw in the module installation verification process. It could allow an attacker to block security updates and perform local privilege escalation without requiring additional permissions. This vulnerability affects Android 16.
Google stated that no active exploitation has been detected so far, and there are no known in-the-wild attacks leveraging these vulnerabilities. However, users are strongly advised to install the update as soon as it becomes available on their devices to minimize potential risks.
