Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack thehackernews.com/2025/09/a…

Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that it said have been exploited in targeted attacks.

The vulnerabilities are listed below

• CVE-2025-38352 (CVSS score: 7.4) - A privilege escalation flaw in the Linux Kernel component
• CVE-2025-48543 (CVSS score: N/A) - A privilege escalation flaw in the Android Runtime component

Google said both vulnerabilities could lead to local escalation of privilege with no additional execution privileges needed. It also noted that no user interaction is required for exploitation.