The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. This high-severity zero-day (tracked as CVE-2024-53104) is a privilege escalation security flaw in the Android Kernel's USB Video Class driver that allows authenticated local threat actors to elevate privileges in low-complexity attacks. CVE-2024-45569 can be exploited by remote attackers to potentially execute arbitrary code or commands, read or modify memory, and trigger crashes in low-complexity attacks that don't require privileges or user interaction.

‍