New exploit paths for current Android versions:
- CVE-2025-48543: ART runtime UAF → system UID (Android 13-16, pre-Sep 2025)
  Public PoC available. Works from malicious app — no ADB needed.
- CVE-2025-48572/48633: Framework info leak + EoP chain (Android 13-16, pre-Dec 2025)
  CISA KEV listed, confirmed in-the-wild. No public PoC yet.
- pKVM kernel bugs (CVE-2025-48623/24, CVE-2026-0027/28/37): kernel/hypervisor
  escalation from system UID. Chain: ART UAF → pKVM → full kernel root.
- avbroot + KernelSU-Next/Magisk for GKI 6.1/6.6 on Android 15/16 Pixel 9

assess_vulnerabilities() now covers Android 12 through 16 with automatic
exploit path selection based on SDK version and security patch level.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>