Critical Zero-Click Android Vulnerability — A New Frontier for Mobile Attacks
What Happened
Researchers from SOC Prime and Google TAG have disclosed a new Zero-Click vulnerability in Android (tracked as CVE-2025-48593) that enables remote code execution without any user interaction.
The flaw affects Android 13 and 14 and has been actively exploited via malicious MMS payloads and push notifications.
Google issued a critical patch in its November Security Bulletin, but many device manufacturers (including Huawei, Samsung, and Xiaomi) have yet to deploy the update across their models.
Why It Matters
Zero-Click exploits are increasingly used by APT actors and commercial spyware vendors, bypassing user awareness and traditional defenses.
With growing integration between mobile devices and enterprise systems, a single compromised phone can become a stealth access point into corporate infrastructure.
Organizations embracing BYOD (Bring Your Own Device) models face amplified risk when employees’ personal devices are left unpatched or unmonitored.
DIAMATIX Perspective
“The mobile perimeter has become part of enterprise defense.
Every device — corporate or personal — carries organizational risk.”
— DIAMATIX SOC Team
DIAMATIX recommends that companies:
Enforce mobile device management (MDM) with mandatory automatic updates;
Maintain a real-time device inventory with access-control policies;
Integrate Mobile Threat Defense (MTD) and MDRaaS for continuous detection and response;
Launch awareness programs to highlight the importance of patching Zero-Click vulnerabilities.