Cyberattacks

CISA Warns of Critical Android Zero-Day Under Active Attack

CISA alerts on critical Android zero-day vulnerability CVE-2025-48543; users must update immediately to prevent attacks.

By Content Team

Sep 7, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

CISA issued an urgent alert Thursday about a high-severity Android zero-day vulnerability (CVE-2025-48543) being actively exploited by attackers. The use-after-free bug in Android Runtime allows hackers to escape Chrome's security sandbox and gain elevated device permissions, potentially installing malware or accessing sensitive data.

The vulnerability was added to CISA's Known Exploited Vulnerabilities catalog on September 4, 2025, confirming real-world attacks are underway. Federal agencies must patch by September 25 or stop using affected products.

Google addressed the flaw in its September 1 security bulletin. All Android users should immediately check Settings > System > System update and install available patches to protect against this serious threat.

Source: Cybersecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Notepad++ Update System Hijacked in Months-Long Supply Chain Attack

Feb 7, 2026

Microsoft Releases Emergency Patch for Critical .NET Vulnerability

Mar 11, 2026

Single Hacker Behind Dozens of Major Corporate Data Breaches

Jan 6, 2026

Kaiser Permanente Settles Privacy Breach for $46 Million - Here's How to Claim Your Share

Feb 4, 2026