Ref# ADV2025_409 | Date: Dec 8th 2025

---

Android published a security advisory highlighting vulnerabilities in the following product on December 1st, 2025. It is recommended that you take the necessary precautions by ensuring your product is always updated. 

On December 2nd, 2025, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-48572 and CVE-2025-48633 to their Known Exploited Vulnerabilities (KEV) Database. 

For more information on this update, you can follow these URLs: 

• Android Security Bulletin 

• Known Exploit Vulnerability Catalog 

The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary. 

References 

• Android Security Advisory (December 4th, 2025). Retrieved from Android. https://source.android.com/docs/security/bulletin/2025-12-01 

  

• Android Security Advisory. (December 2nd, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/android-security-advisory-december-2025-monthly-rollup-av25-799