Government has a ‘high severity’ warning for these Android users: What you need to know

The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity advisory for Android users, warning of multiple vulnerabilities. Impacted users are urged to update their devices immediately to address these security risks. CERT-In is the nodal agency to deal with cyber security incidents and works under the aegis of the Ministry of Electronics and Information Technology of the Government of India. Here’s what you need to know about the latest advisory

CERT-In issued Vulnerability Note CIVN-2024-0349 on November 25, 2024. It says that multiple vulnerabilities have been reported in Android, which could be exploited by an attacker to obtain sensitive information, gain elevated privileges, execute arbitrary code or cause denial of service (DoS) conditions on the targeted system. Software affected include

It states “Multiple vulnerabilities exist in Android due to flaws in the Framework, System, Google Play system updates, Kernel, Kernel LTS, Imagination Technologies, MediaTek components, Qualcomm components and Qualcomm closed-source components”. Android is an open-source operating system primarily designed for mobile devices, including smartphones, tablets, smartwatches, and other embedded systems. Target audience as per CERT-In include all OEMs and users of Android.
Also read: Infosys to give 85% average performance bonus to employees, here's what 'HR email' says
The identified vulnerabilities may allow attackers to exploit weaknesses in Android systems, potentially leading to unauthorized access, data leaks, or complete system compromise. Immediate updates are recommended to mitigate these risks. “Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive information, gain elevated privileges, execute arbitrary code or cause denial of service (DoS) condition on the targeted system,” the advisory says.

CERT-In advises users to apply appropriate updates to their devices to mitigate the risks. All Android device owners are urged to update immediately to patch these critical security risks and protect their devices from potential compromise.