Android users are facing serious security risks that could lead to data theft, phone takeovers, and service disruptions, as hackers are actively exploiting hidden flaws in the operating system, according to a new advisory issued by the National Cyber Emergency Response Team (National CERT).
National CERT warned that these security flaws, known as zero-day vulnerabilities, are already being used in real-world attacks. The risks include unauthorized access to personal and official data, spying through surveillance or spyware tools, system crashes, and disruption of services. Government departments and organizations using Android phones for official work face a higher level of risk if their devices are not updated.
The advisory is based on the Android Security Bulletin for December 2025, which identified a total of 107 security vulnerabilities. Among these are three high-severity zero-day flaws that are under active exploitation. The affected devices are those running Android version 13 and above.
National CERT highlighted three major vulnerabilities. One flaw, CVE-2025-48633, allows attackers to secretly access sensitive information by leaking data from a phone’s memory. Another vulnerability, CVE-2025-48572, allows attackers who already have initial access to a device to escalate their privileges and gain greater control over it. A third flaw, CVE-2025-48631, can remotely crash Android devices running versions 13, 14, 15, and 16, without requiring special access or permissions.
According to the advisory, Android devices will remain vulnerable until the December 2025 security update is installed. Google Pixel phones have already received the update, while Samsung and other Android phone makers may roll out the fix later, possibly extending into late January 2026 or beyond. Devices managed by organizations will receive updates based on internal IT policies, while phones that remain unpatched continue to be exposed to active threats.
National CERT has urged users and organizations to immediately install the December 2025 Android Security Update and ensure their device security patch level is 2025-12-05 or later. The advisory also warns users to avoid installing apps from unverified third-party sources.
Additional recommended steps include enforcing mandatory updates on office-managed devices, enabling Google Play Protect, limiting access from devices that have not been updated, and increasing user awareness to avoid phishing and targeted attacks. National CERT stressed that delaying updates could leave individual users and entire networks at risk.
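The patch-level check the advisory asks for can be scripted for office-managed fleets. The following is an added example, not code from National CERT or the advisory: it parses `adb shell getprop` output (the sample output below is constructed) and flags any Android 13+ device whose security patch level is older than 2025-12-05 so it can be blocked or prioritised for updating.

```python
import re
from datetime import date

# Minimum patch level named in the advisory and the lowest affected release.
REQUIRED_PATCH_LEVEL = date(2025, 12, 5)
MIN_AFFECTED_RELEASE = 13

def parse_getprop(output: str) -> dict:
    """Parse `adb shell getprop` output ("[key]: [value]" lines) into a dict."""
    props = {}
    for line in output.splitlines():
        m = re.match(r"\[(.+?)\]: \[(.*)\]", line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def patch_level(props: dict):
    """Return ro.build.version.security_patch as a date, or None if absent/malformed."""
    raw = props.get("ro.build.version.security_patch", "")
    try:
        return date.fromisoformat(raw)
    except ValueError:
        return None

def assess(props: dict) -> str:
    """Classify a device as 'patched', 'unpatched', 'unsupported' or 'unknown'."""
    release = props.get("ro.build.version.release", "")
    major = int(release.split(".")[0]) if release.split(".")[0].isdigit() else None
    level = patch_level(props)
    if major is None or level is None:
        return "unknown"          # missing or malformed properties: needs manual review
    if major < MIN_AFFECTED_RELEASE:
        return "unsupported"      # below Android 13: outside the advisory's scope
    return "patched" if level >= REQUIRED_PATCH_LEVEL else "unpatched"

# Constructed sample getprop output for three devices (not real device data).
SAMPLE_DEVICES = {
    "pixel-01": "[ro.build.version.release]: [16]\n[ro.build.version.security_patch]: [2025-12-05]\n",
    "sam-02": "[ro.build.version.release]: [14]\n[ro.build.version.security_patch]: [2025-11-01]\n",
    "old-03": "[ro.build.version.release]: [12]\n[ro.build.version.security_patch]: [2024-08-05]\n",
}

def fleet_report(devices: dict) -> dict:
    """Map device id -> status; anything not 'patched' should be blocked or flagged."""
    return {dev_id: assess(parse_getprop(out)) for dev_id, out in devices.items()}

if __name__ == "__main__":
    for dev_id, status in fleet_report(SAMPLE_DEVICES).items():
        print(f"{dev_id}: {status}")
```

In practice the `adb shell getprop` text would be collected per device (or the equivalent fields pulled from an MDM inventory export) and fed to `fleet_report`.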