CISA reports that two Android Framework vulnerabilities, CVE-2025-48572 and CVE-2025-48633, are being actively exploited in the wild, enabling local privilege escalation without user interaction on Android 13–16 devices and therefore require prioritized remediation as part of vulnerability management programs.