CERT-In warns of two vulnerabilities out of 51 that could be actively exploited, urging immediate installation of the latest security patches.
CERT-In, the Indian Computer Emergency Response Team, has issued a warning about multiple security vulnerabilities impacting different Android versions. These vulnerabilities, if exploited by malicious actors, can lead to the execution of harmful code, data theft, and denial-of-service (DoS) attacks. The affected Android versions span various aspects of Google's operating system, including the framework and components from Arm, MediaTek, Qualcomm, Unisoc, and others, as stated by the cybersecurity agency.
In a recent vulnerability note, CERT-In has outlined 51 security flaws affecting the Android OS. The agency, responsible for handling cybersecurity issues, has assigned a critical severity rating to this note. Each entry in CERT-In's list is associated with a Common Vulnerabilities and Exposures (CVE) number.
CERT-In warns of vulnerabilities in Android versions 13, 12, 12L, and 11. Android 14's vulnerability status remains unclear due to its recent source code release.
These 51 flaws affect various Android components, including the framework, system, Google Play updates, and components from Arm, MediaTek, Unisoc, and Qualcomm.
Exploiting these flaws can give attackers higher privileges, execute malicious code, steal data, and launch denial-of-service attacks. Two vulnerabilities, CVE-2023-4863 and CVE-2023-4211, require immediate patching.
Pixel smartphone users have the option to install the latest update, which incorporates the October security patches. However, users with smartphones from other manufacturers will need to wait until a security update is issued, addressing these security vulnerabilities.
Interested in the Samsung Galaxy Z Flip 5 as the top foldable phone in India? We explore the company's new clamshell-style foldable device in the latest episode of Orbital, the Gadgets 360 podcast. You can listen to Orbital on various platforms, including Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music, and more.
