Android Multiple Vulnerabilities
Release Date: 7 May 2025
RISK: High Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.
Note:
There are indications that CVE-2025-27363 may be under limited, targeted exploitation. This could lead to local code execution with no additional execution privileges needed.
Impact
- Remote Code Execution
- Denial of Service
- Elevation of Privilege
- Information Disclosure
System / Technologies affected
- Android security patch level prior to 2025-05-05
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://source.android.com/docs/security/bulletin/2025-05-01
Vulnerability Identifier
- CVE-2023-21342
- CVE-2023-35657
- CVE-2024-34739
- CVE-2025-0077
- CVE-2025-0087
- CVE-2025-22425
- CVE-2025-26420
- CVE-2025-26421
- CVE-2025-26422
- CVE-2025-26423
- CVE-2025-26424
- CVE-2025-26425
- CVE-2025-26426
- CVE-2025-26427
- CVE-2025-26428
- CVE-2025-26429
- CVE-2025-26430
- CVE-2025-26435
- CVE-2025-26436
- CVE-2025-26438
- CVE-2025-26440
- CVE-2025-26442
- CVE-2025-26444
- CVE-2025-27363
沒有留言:
發佈留言