Patchday: Critical malicious code vulnerability in Android 13, 14, 15, 16 closed
Attackers can target Android devices and, in the worst case, execute malicious code. Security updates provide a remedy.
Owners of Android smartphones or tablets that are still supported should update their devices for security reasons. If this is not done, attackers can exploit vulnerabilities and compromise devices.
Security issues
According to a security warning, the developers closed only two system security vulnerabilities (CVE-2025-48593, rated “critical”, and CVE-2025-48581, rated “high”) on this patch day. The critical vulnerability affects Android 13, 14, 15, and 16. Remote attackers can use it to push malicious code onto devices and execute it. According to Google's description, attackers need no special privileges for this and do not depend on victim interaction. How such an attack would proceed in detail remains unclear for now.
The second vulnerability exclusively impacts Android 16. In this case, attackers can gain higher user privileges. For both cases, there are currently no reports of ongoing attacks. Owners of Android devices should nevertheless ensure that they have installed the latest security updates.
Protecting devices
The developers state that both security vulnerabilities are closed as of patch level 2025-11-01. The installed patch level can be checked in the system settings. In addition to Google, Samsung, among others, also releases monthly security updates for selected smartphones (see box).
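To check the patch level from a workstation rather than the settings menu, the following added example (not from the article or from Google) classifies a device by Android release and patch level against the 2025-11-01 level named above. The `assess` function, the `--adb` switch and the sample inventory are constructed for illustration; `ro.build.version.release` and `ro.build.version.security_patch` are standard Android build properties.

```shell
#!/bin/sh
# Added example, not Google's or heise's code.
FIXED_LEVEL="2025-11-01"   # patch level the article says contains both fixes

# assess RELEASE PATCH_LEVEL: print one verdict line for a device.
assess() {
    major=${1%%.*}                      # "13.0" -> "13"
    level=$2
    # Patch levels are ISO dates; refuse to guess on anything else.
    case $level in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "unknown: bad patch level"; return 0 ;;
    esac
    case $major in
        ''|*[!0-9]*) echo "unknown: bad release"; return 0 ;;
    esac
    # ISO dates compare correctly as integers once the dashes are removed.
    have=$(printf '%s' "$level" | tr -d '-')
    need=$(printf '%s' "$FIXED_LEVEL" | tr -d '-')
    if [ "$have" -ge "$need" ]; then
        echo "patched"
    elif [ "$major" -eq 16 ]; then
        # Android 16 is the only release the article lists for both CVEs.
        echo "exposed: CVE-2025-48593 CVE-2025-48581"
    elif [ "$major" -ge 13 ] && [ "$major" -le 15 ]; then
        echo "exposed: CVE-2025-48593"
    else
        echo "outdated: release not listed as affected in the article"
    fi
}

if [ "${1:-}" = "--adb" ]; then
    # Live check of one USB-attached device (assumes adb is installed).
    assess "$(adb shell getprop ro.build.version.release | tr -d '\r')" \
           "$(adb shell getprop ro.build.version.security_patch | tr -d '\r')"
else
    # Constructed sample inventory: name, release, patch level.
    while read -r name rel lvl; do
        printf '%-10s %s\n' "$name" "$(assess "$rel" "$lvl")"
    done <<'EOF'
tablet-a 13 2025-09-05
phone-b 16 2025-10-01
phone-c 15 2025-11-01
kiosk-d 12 2024-03-01
phone-e 16 unknown
EOF
fi
```

Run without arguments it prints verdicts for the constructed inventory; with `--adb` it reads the two properties from an attached device.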
The October entry for new Android security patches listed no specific security vulnerabilities. In September of this year, attackers were already exploiting vulnerabilities.
(des)