Pakistan’s National Cyber Emergency Response Team (National CERT) has issued an urgent security advisory on Android zero-day exploits after a serious cybersecurity threat was identified for government and private organizations using Android mobile phones.

The advisory is based on the Android Security Bulletin for December 2025. It states that multiple high-severity vulnerabilities exist in mobile phones running Android version 13 and above, including some zero-day flaws that are being actively exploited.

According to National CERT, attackers can use these vulnerabilities to access sensitive information, gain unauthorized system privileges, and in some cases carry out remote denial-of-service (DoS) attacks.

The advisory further clarifies that these cyberattacks may be linked to surveillance, espionage, and spyware campaigns, posing a serious threat not only to individual users but also to national digital assets.

Three major vulnerabilities have been highlighted in the advisory. The first relates to information disclosure, which allows access to sensitive data through a memory leak.

The second vulnerability enables an attacker, after gaining initial access, to escalate privileges within the system. The third is an extremely dangerous remote denial-of-service flaw that can affect the Android framework without requiring any execution privileges. This flaw has been found in Android versions 13, 14, 15, and 16.

According to National CERT, Android devices will remain vulnerable until the December 2025 security update is installed. These updates are already available for Google Pixel devices, and users have been directed to install them immediately. However, for Samsung and other OEM devices, these updates are expected by the end of January 2026 or possibly later.

At the enterprise or organizational level, the deployment of updates will depend on the respective institution’s IT policy. Nevertheless, unpatched devices will continue to face security risks.

The advisory recommends immediate actions for all users, including installing the December 2025 Android security update without delay, verifying the security patch level, and avoiding the installation of third-party or unverified applications.

For government and organizational mobile devices, it is advised to enforce mandatory update policies through Mobile Device Management (MDM), monitor suspicious activities such as crash logs and unusual privilege usage, and restrict unpatched devices from accessing sensitive systems.
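
The patch-level verification and the restriction of unpatched devices recommended above can be scripted; the following is an added example, not taken from the advisory or from National CERT. It assumes 2025-12-01 as the minimum security patch level string for the December 2025 update and runs over a constructed device inventory; the `classify_device` helper and its verdict words are hypothetical.

```shell
#!/bin/sh
# Added example: gate devices on Android release and security patch level.
# Assumption: 2025-12-01 is the minimum patch level string for the
# December 2025 update; set REQUIRED_PATCH to match your own policy.
REQUIRED_PATCH="2025-12-01"
MIN_AFFECTED_MAJOR=13   # the advisory covers Android 13 and above

# classify_device RELEASE PATCH_LEVEL  (hypothetical helper)
# Prints allow, block, or out-of-scope. On a device attached over adb the
# two inputs can be read with:
#   adb shell getprop ro.build.version.release
#   adb shell getprop ro.build.version.security_patch
classify_device() {
    major=${1%%.*}                      # "8.1.0" -> "8", "14" -> "14"
    case $major in
        ''|*[!0-9]*) echo block; return 0 ;;   # unreadable release: fail closed
    esac
    if [ "$major" -lt "$MIN_AFFECTED_MAJOR" ]; then
        echo out-of-scope; return 0
    fi
    case $2 in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo block; return 0 ;;             # missing or malformed patch level
    esac
    have=$(printf '%s' "$2" | tr -d '-')       # 2025-11-05 -> 20251105
    need=$(printf '%s' "$REQUIRED_PATCH" | tr -d '-')
    if [ "$have" -ge "$need" ]; then echo allow; else echo block; fi
}

# Constructed inventory (serial,release,patch level), e.g. an MDM export.
while IFS=, read -r serial release patch; do
    printf '%s\t%s\n' "$serial" "$(classify_device "$release" "$patch")"
done <<'EOF'
DEV-A001,16,2025-12-05
DEV-A002,14,2025-11-01
DEV-A003,13,
DEV-A004,12,2024-06-01
EOF
```

A device that reports no patch level, or one that cannot be parsed, is treated as unpatched rather than allowed through.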

Users are also advised to keep Google Play Protect enabled, regularly back up their data, and increase awareness regarding phishing and targeted cyberattacks.

National CERT has emphasized that installing the December 2025 security update, keeping Google Play Protect active, installing apps only from trusted app stores, and conducting widespread awareness campaigns have become essential for Android users.

The advisory concludes with a warning that delays in implementing these measures could leave not only individual mobile devices but entire networks exposed to active cyber threats.

National CERT has directed all government institutions, departments, and Android users to ensure immediate compliance and provide confirmation to their IT or security focal persons.