vivo | security patch updates

Android Security Advisories

Details

Android Enterprise Recommended

Vulnerability Response

Introduction to vivo Android Security Updates.

At vivo, we take security issues very seriously and we are doing our best to respond as soon as possible. Securing your device and maintaining the trust you place in us is our top priority.

vivo releases monthly, quarterly and regular security updates on selected vivo devices listed below. Security updates will include Android security patches released by Google.

Current Models for Monthly Security Updates

  iQOO 13
  iQOO 12
  iQOO 11
  iQOO 9 Pro, iQOO 9T
  iQOO Neo 10R
  iQOO Neo9 Pro
  iQOO Neo7, iQOO Neo7 Pro
  iQOO Z10R 5G, iQOO Z10x 5G
  iQOO Z9 Lite 5G, iQOO Z9 Pro 5G, iQOO Z9s 5G
  X Fold3 Pro
  X200, X200 Pro, X200 FE
  X100, X100 Pro
  X90, X90 Pro
  X80
  V50, V50 Lite, V50 Lite 5G, V50e
  V40, V40 Pro, V40 Lite, V40 Lite 5G, V40 SE, V40 SE 5G, V40 SE 80W, V40e
  V30, V30 Pro, V30 Lite, V30 Lite 5G, V30 SE
  V29, V29 Pro, V29e, V29e 5G, V29 Lite 5G
  V27, V27e, V27 pro
  V25e
  T4R 5G
  T3 Lite 5G, T3 Pro 5G
  Y03t
  Y04, Y04e, Y04s
  Y18i, Y18t
  Y19 5G, Y19e, Y19s, Y19sGT 5G
  Y28e 5G
  Y29, Y29 5G, Y29s 5G, Y29t 5G
  Y39 5G
  Y78 5G
  Y100 5G
  Y200, Y200e 5G
  Y300 5G, Y300 Plus 5G
Current Models for Quarterly Security Updates

  iQOO Z9 5G, iQOO Z9x 5G
  iQOO Z7 5G, iQOO Z7x 5G, iQOO Z7s 5G, iQOO Z7 Pro 5G
  iQOO Z6 Lite 5G
  T2 5G, T2 Pro 5G
  Y03
  Y15A
  Y17s
  Y18, Y18e
  Y27, Y27 5G
  Y28, Y28 5G
  Y36, Y36 5G
  Y37 5G
  Y38 5G
  Y100A
  Y200 5G
Current Models for Regular Security Updates

  NEX
  NEX 3
  NEX Dual Display
  iQOO 3
  iQOO 7, iQOO 7 Legend
  iQOO 9, iQOO 9 SE
  iQOO Z6, iQOO Z6 5G
  iQOO Z5
  iQOO Z3 5G
  iQOO Neo6
  T1, T1x, T1 5G, T1 Pro 5G
  X21
  X50, X50 Pro, X50 Lite, vivo X50e
  X60, X60 Pro, X60 Pro+
  X70, X70 Pro, X70 Pro+
  X80 Pro, X80 Lite 5G
  V25, V25 Pro
  V23 5G, V23 Pro, V23e, V23e 5G
  V21, V21e, V21 5G, V21e 5G
  V20, V20 2021, V20 Pro, V20 SE
  V19
  V17, V17 Pro
  V15, V15Pro
  V11, V11i, V11Pro
  V9, V9 6GB, V9 Pro, V9 Youth
  S1, S1 Pro, S1 Prime
  Z1x
  Z1Pro
  U10
  U20
  Y01, Y01A, Y1s
  Y02A, Y02, Y02s, Y02t
  Y3s
  Y11, Y11s
  Y12, Y12A, Y12D, Y12G, Y12s 2021, Y12s
  Y15, Y15A, Y15C, Y15s
  Y16
  Y17
  Y19
  Y20, Y20 2021, Y20A, Y20A 2021, Y20i, Y20s, Y20s [G], Y20G, Y20G 2021, Y20T
  Y21, Y21A, Y21e, Y21s, Y21T
  Y22, Y22s
  Y30, Y30i, Y30 5G
  Y31
  Y33, Y33s, Y33T
  Y35
  Y50
  Y51, Y51s
  Y52 5G
  Y53s
  Y55, Y55 5G
  Y56 5G
  Y70
  Y72 5G
  Y73
  Y75
  Y76 5G
  Y100
Disclaimer

1. Please note that in some cases regular OS upgrades may cause delays to planned security updates. However, users can be rest assured the OS upgrades will include up-to-date security patches when delivered.
2. Some patches to be received from chipset vendors (also known as Device Specific patches) may not be included in the security update package of the month. They will be included in upcoming security update packages as soon as the patches are ready to deliver.
3. Some patches may require a long test and merge cycle. They will be included in upcoming security update packages as soon as the patches are ready to deliver.
4. While vivo is committed to deliver security patch updates to all applicable models as soon as possible, please note that the delivery time of security patches may vary depending on the regions and models. Under certain circumstances, security patch updates may be delayed due to force majeure. If delayed, the latest security patches will be included in upcoming security update packages.

Each month's security patches come from the Android Security Bulletins, as shown follow.

2025

2025
2024
2023
2022
2021
2020
2019

January
February
March
April
May

High

CVE-2023-21342, CVE-2024-34739, CVE-2025-0077, CVE-2025-0087, CVE-2025-22425, CVE-2025-26422, CVE-2025-26426, CVE-2025-26427, CVE-2025-26428, CVE-2025-26436, CVE-2025-26440, CVE-2025-26444, CVE-2025-26424, CVE-2025-26442, CVE-2025-26429, CVE-2025-27363, CVE-2025-26420, CVE-2025-26421, CVE-2025-26423, CVE-2025-26425, CVE-2025-26430, CVE-2025-26435, CVE-2025-26438, CVE-2023-35657, CVE-2025-0072, CVE-2025-0427, CVE-2025-20666, CVE-2024-45580, CVE-2025-21453, CVE-2025-21459, CVE-2025-21467, CVE-2025-21468, CVE-2024-49835, CVE-2024-49841, CVE-2024-49842, CVE-2024-49845, CVE-2024-49846, CVE-2024-49847

Please note this page is for AER device users. If you are not an AER device user, please refer to the Android Security Advisories Tab for more details.

Android Enterprise Recommended Device List.

Device marketing name	Security update support	OS version update support
X200 FE	End date: 07/2030 at least(Global) Frequency: Every 30 days	Shipped version: Android 15 Future version: Android 16&17&18&19 at least(Global)
V50e	End date: 04/2029 at least(Global) Frequency: Every 30 days	Shipped version: Android 15 Future version: Android 16&17&18 at least(Global)
Y19s	End date: 07/2028 at least(Global) Frequency: Every 30 days	Shipped version: Android 14 Future version: Android 15&16 at least(Global)
Y29s 5G	End date: 11/2028 at least(Global) Frequency: Every 30 days	Shipped version: Android 15 Future version: Android 16&17 at least(Global)
V50 Lite 5G	End date: 06/2028 at least(Global) Frequency: Every 30 days	Shipped version: Android 15 Future version: Android 16&17 at least(Global)
V50	End date: 12/2028 at least(Global) Frequency: Every 30 days	Shipped version: Android 15 Future version: Android 16&17&18 at least(Global)
V40 Lite(V2341)	End date: 07/2027 Frequency: Every 30 days	Shipped version: Android 14 Future version: Android 15&16
Y28s 5G	End date: 11/2027	Shipped version: Android 14 Future version: Android 15&16
V40	End date: 09/2027 Frequency: Every 30 days	Shipped version: Android 14 Future version: Android 15&16
V40 SE 5G	End date: 05/2027 Frequency: Every 30 days	Shipped version: Android 14 Future version: Android 15&16
V29	End date: 12/2025 Frequency: Every 30 days	Shipped version: Android 13 Future version: Android 14&15
V29 Lite 5G	End date: 12/2025 Frequency: Every 30 days	Shipped version: Android 13 Future version: Android 14&15

Android Enterprise Recommended (AER) Disclaimer:

1.Please note this page is for AER device users. If you are not an AER device user, please refer to the Android Security Advisories Tab for more details.
2. Please note that in some cases regular OS upgrades may cause delays to planned security updates.However,users can be rest assured the OS upgrades wil include up-to-date security patches when delivered.
3. Some patches to be received from chipset vendors (also known as Device Specific patches) may not be included in the security update package of the month. They will be included in upcoming security update packages as soon as the patches are ready to deliver.
4. Some patches may require a long test and merge cycle. They will be included in upcoming security update packages as soon as the patches are ready to deliver.
5. While vivo is committed to deliver security patch updates to all applicable models as soon as possible, please note that the delivery time of security patches may vary depending on the regions and models. Under certain circumstances, security patch updates may be delayed due to force majeure. If delayed, the latest security patches will be included in upcoming security update packages.
Android is a trademark of Google LLC

Vulnerability Response Process

Receive Vulnerabilities

Receive vulnerability reports and Initiate vulnerability response process
Vulnerability Analysis

Verify the submitted vulnerabilities and evaluate the risk level
Vulnerability Fixes

Develop vulnerability repair plans and repair cycles
Vulnerability Fix Notification

Provide feedback to the vulnerability reporter on the progress and results of the handling process via email

Report Vulnerabilities

You can report vulnerabilities through email（[email protected]）.Since vulnerability information is sensitive, we strongly recommend that you use our PGP public key (fingerprint: CE48C83712B84EE88E57A678884C95C622AE7FFE) to encrypt the vulnerability when reporting it via email.

In order to better help us confirm potential vulnerability information, please include but not be limited to the following information in the email:

1.Your organization/title and contact information
2.Affected products and versions
3.Detailed description of potential vulnerabilities
4.Proof of exploitation of potential vulnerabilities, such as POC, exploit, network packet capture, problem reproduction steps, etc.
5.Information about how the vulnerability has been publicly exploited (if any)

Attention

We oppose and condemn all hacker behaviors that use vulnerability testing as an excuse to exploit security vulnerabilities to cause damage and harm the interests of users.Therefore, the following behaviors are prohibited:

-Exploiting vulnerabilities to steal user information
-Invading business systems
-Modifying or stealing related system information
-Maliciously spreading vulnerabilities or data

About US

In order to jointly build an Internet health and security ecosystem and strengthen the security defense capabilities of products and businesses, we works with industry institutions and developers to deepen technical cooperation and promote efficient governance of security vulnerabilities by building a vulnerability collection and emergency response mechanism.

If you encounter problems when reporting vulnerabilities, you can contact us by email（[email protected]）.

vivo Android™ Security Updates

Current Models for Monthly Security Updates

Current Models for Quarterly Security Updates

Current Models for Regular Security Updates

Disclaimer

High

Android Enterprise Recommended Device List.

Android Enterprise Recommended (AER) Disclaimer:

Android is a trademark of Google LLC

Vulnerability Response Process

Report Vulnerabilities

Attention

About US