Descripción:
Google ha lanzado Android Security Bulletin septiembre de 2025 para corregir múltiples vulnerabilidades de seguridad en el sistema operativo Android. La lista de actualizaciones de seguridad se puede encontrar en:https://source.android.com/docs/security/bulletin/2025-09-01
Android indica que la escalada de vulnerabilidades de privilegios (CVE-2025-38352 y CVE-2025-48543) puede estar bajo explotación limitada y específica. Se aconseja a los administradores del sistema que tomen medidas inmediatas para parchear sus sistemas afectados para mitigar el riesgo elevado de ataques cibernéticos.
Sistemas afectados:
Android versión 13, 14, 15 y 16
Impacto:
Dependiendo de la vulnerabilidad explotada, un ataque exitoso podría conducir a la ejecución remota del código, la negación del servicio, la elevación del privilegio o la divulgación de información en un dispositivo afectado.
Recomendación:
Algunos fabricantes han solucionado o han planeado arreglar las vulnerabilidades en sus sistemas Android. Se recomienda a los usuarios que consulten a los proveedores de productos para confirmar la disponibilidad de parches. Si hay parches disponibles, los usuarios deben actualizar a las versiones fijas o seguir las recomendaciones proporcionadas por los proveedores de productos para mitigar el riesgo.
Más información:
https://source.android.com/docs/security/bulletin/2025-09-01
https://www.hkcert.org/security-bulletin/android-multiple-vulnerability_20250903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-39810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2023-24023
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2024-47898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2024-47899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2024-49714
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2024-7881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-0076
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-0089
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-021701
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-0467
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-1246
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-1706
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-20696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-20703
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-20704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-20708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21427
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21432
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21433
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21446
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21449
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21450
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21477
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21481 (a CVE-2025-21484)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21487
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21488
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-21755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-25179
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-25180
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-26454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-26464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27042
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27043
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27052
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27056
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-27073
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-3212
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-32321
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-32323 (a CVE-2025-32327)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-32330 (a CVE-2025-32333)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-32345 (a CVE-2025-32347)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-32349
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-32350
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-38352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-46707
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-46708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-46710
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-47317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-47318
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-47326
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-47328
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-47329
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48522 (a CVE-2025-48524)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48526 (a CVE-2025-48529)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48531
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48532
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48534
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48537 (a CVE-2025-48554)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48558 (a CVE-2025-48563)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-48581
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2025-8109