Cyber Security News

Google Patches Actively Exploited Android 0-Day Vulnerability

Google has issued critical security updates to address a recently discovered zero-day vulnerability actively exploited in Android devices.

The Android Security Bulletin for April 2025 highlights the details of multiple security vulnerabilities, including high-profile issues such as CVE-2024-53150 and CVE-2024-53197, which have reportedly been exploited in targeted attacks.

These vulnerabilities are addressed in the security patch levels of 2025-04-05 or later, and users are strongly advised to update their devices immediately.

The Critical 0-Day Vulnerability

Google’s bulletin describes a significant flaw in the System component, marked by CVE-2024-53150, which could lead to remote escalation of privilege.

What makes this vulnerability particularly dangerous is that it requires no user interaction or additional execution privileges to exploit, making it an attractive target for malicious actors.

Another vulnerability, CVE-2024-53197, is also under active, limited exploitation, further underscoring the need for immediate patch application.

Key Technical Details

The April security bulletin categorizes vulnerabilities based on their affected component, type, severity, and the Android Open Source Project (AOSP) version updates.

Below is a detailed table summarizing the most critical issues:

Framework Vulnerabilities

CVEReferencesTypeSeverityUpdated AOSP Versions
CVE-2025-22429A-373357090IDCritical13, 14, 15
CVE-2025-22416A-277207798EoPHigh13, 14, 15
CVE-2025-22417A-332277530EoPHigh14, 15
CVE-2025-22442A-382064697EoPHigh13, 14, 15
CVE-2024-53150Remote PrivilegeCriticalUnder Exploitation

Notable Exploited CVEs in April 2025 Patch

CVEDescriptionExploitation Status
CVE-2024-53150Remote escalation of privilege (System flaw).Actively exploited
CVE-2024-53197High-severity targeted attacks observed.Actively exploited

Mitigation Efforts by Google

Google employs various security mechanisms to combat exploitation. These include:

  • Android Security Platform Protections: Enhancements in newer Android versions reduce vulnerability exploitation risks.
  • Google Play Protect: This feature, which is enabled by default on Android devices with Google Mobile Services, actively monitors for potentially harmful apps (PHAs).
  1. Update Immediately: Ensure your device is running the latest security patch level (2025-04-05 or later).
  2. Verify Security Patch Level: Navigate to Settings > About Phone > Android version to confirm.
  3. Enable Google Play Protect: This provides real-time monitoring against malicious apps.
  4. Avoid Sideloading Apps: Only download apps from trusted stores like Google Play.

The Android Security Team emphasizes that these vulnerabilities, particularly the actively exploited CVE-2024-53150, pose significant risks if left unpatched.

Attackers leveraging this exploit can bypass platform mitigations to gain elevated privileges remotely—a capability that could be used for data theft, malware installation, or unauthorized access to sensitive systems.

Google has urged all Android partners to roll out these updates promptly to ensure widespread protection. Source code patches for these vulnerabilities will also be made available in the AOSP repository within the next 48 hours.

With the discovery and active exploitation of critical flaws like CVE-2024-53150, the importance of swift patch adoption cannot be stressed enough.

Users are encouraged to take immediate steps to secure their devices and stay ahead of potential threats.

Google’s ongoing efforts to enhance the Android ecosystem’s security demonstrate its commitment to protecting user data in an evolving threat landscape.

Find this News Interesting! Follow us on Google NewsLinkedIn, & X to Get Instant Updates!

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Critical Vulnerability in Ubiquiti UniFi Protect Camera Allows Remote Code Execution by Attackers

Critical security vulnerabilities in Ubiquiti’s UniFi Protect surveillance ecosystem-one rated the maximum severity score of…

1 hour ago

IXON VPN Client Vulnerability Allows Privilege Escalation for Attackers

A critical security vulnerability in IXON’s widely used VPN client has exposed Windows, Linux, and…

1 hour ago

Cisco IOS Software SISF Vulnerability Could Enable Attackers to Launch DoS Attacks

Cisco has released security updates addressing a critical vulnerability in the Switch Integrated Security Features…

1 hour ago

Seamless AI Communication: Microsoft Azure Adopts Google’s A2A Protocol

Microsoft has announced its support for the Agent2Agent (A2A) protocol, an open standard developed in…

1 hour ago

Radware Cloud Web App Firewall Flaw Allows Attackers to Bypass Security Filters

Security researchers have uncovered two critical vulnerabilities in Radware’s Cloud Web Application Firewall (WAF) that…

1 hour ago

ESET Reveals How to Spot Fake Calls Demanding Payment for ‘Missed Jury Duty’

ESET, a leading cybersecurity firm, has shed light on one particularly insidious scheme: fake calls…

2 hours ago