CERT-In, India’s computer security incident response team, has issued an urgent alert regarding significant security vulnerabilities in Android smartphones. The advisory warns of potential cyberattacks targeting devices running Android 13, Android 14, Android 15, and Android 16. These vulnerabilities are classified as high-security risks and pose a serious threat to users.
The vulnerabilities affect multiple critical components of the Android operating system, including the framework, Android runtime, system, Widevine DRM, Project Mainline, the kernel, as well as components from Qualcomm and MediaTek. The widespread nature of these flaws amplifies the risk of exploitation.
Hackers could exploit these vulnerabilities to steal sensitive data, crash devices, execute arbitrary code, and gain complete control over a compromised device. This means that the user’s smartphone and the personal information it contains would be at significant risk.
Google has created a security patch to fix these issues. However, distributing the patch falls on the smartphone manufacturers, such as Samsung, OnePlus, and Xiaomi, which customize Android with their own software. Users need to install the update from their device manufacturer as soon as it’s available.
Users are urged to install any available security updates promptly. This critical step is essential to safeguard devices and data from cyber threats. The advisory underscores the necessity of timely updates to mitigate the risk of falling victim to malicious attacks.