GUWAHATI: The Indian Computer Emergency Response Team (CERT-IN), a cybersecurity agency under the Ministry of Electronics and Information Technology, has issued a warning for Android users about high-risk vulnerabilities in the Android operating system.
These vulnerabilities affect versions 11, 12, 12L, 13, and 14, potentially impacting many Android devices.
If exploited, these vulnerabilities could allow unauthorized access to sensitive information, grant elevated privileges, and lead to denial-of-service attacks on targeted systems.
“These vulnerabilities exist in Android due to flaws in the Framework, System, Google Play system updates, Kernel LTS, Arm components, MediaTek components, Qualcomm components and Qualcomm closed-source components,” the CERT-IN said in a statement issued on November 14.
The vulnerabilities are widespread, affecting critical elements like Google Play system updates, Framework, System, and components linked to various hardware manufacturers.
This widespread impact poses a serious threat to the security of Android devices.
Cybersecurity experts are actively addressing these vulnerabilities, and users are strongly advised to promptly update their Android devices once the security updates are available.
With the rising frequency of cyber threats, taking proactive measures is crucial to protect personal information and ensure the smooth functioning of Android devices in the face of evolving cybersecurity challenges.
CERT-IN is closely monitoring the situation and urges Android users to remain vigilant, implementing necessary security measures to protect their devices from potential exploits.
Meanwhile, Google has officially recognised these flaws in their recent Android Security Bulletin and committed to releasing security updates for all Android users.
Pixel smartphone users can now install the latest update, incorporating the October security patches. However, those with smartphones from other manufacturers will need to wait until a security update is released, along with fixes for these security flaws.