CERT-In Warns Users of Multiple Security Vulnerabilities Affecting Recent Android Versions

Internet

Products You May Like

The Indian Computer Emergency Response Team (CERT-In) has issued an advisory regarding several security flaws affecting smartphones running on recent versions of Android. The cybersecurity agency has warned users about vulnerabilities that were recently patched by Google and smartphone component makers like Qualcomm and MediaTek as part of the Android Security Bulletin for this month. Samsung has also issued patches for nine Samsung Vulnerabilities and Exposures (SVE) that were privately disclosed and have moderate severity ratings, as part of the latest security update.

In in advisory issued on Tuesday, CERT-In highlights multiple vulnerabilities detected across parts of the Android operating system, including the “Framework, System, AMLogic, Arm components, MediaTek components, Qualcomm components & Qualcomm closed-source components”. The advisory has a “High” severity rating and states that the flaws affect Android 12 (and 12L), Android 13, and Android 14.

According to the cybersecurity agency, Google has patched vulnerabilities in its Android operating system that would allow an attacker to gain unauthorised access to private information on an affected device. The flaws could also be leveraged by the attacker to gain elevated privileges on the device and execute malicious code or start a denial of service (DoS) attack.

Meanwhile, Google has shared detailed information related to specific components that have been patched with the latest Android Security Bulletin — including fixes for bootloader vulnerabilities on devices with AMLogic components, flaws on Mali (Arm) components, and security issues affecting Wi-Fi and kernels on Qualcomm devices.

Samsung has announced that its devices that receive the latest Security Maintenance Release (SMR) Mar-2024 Release 1 update will also be protected against nine SVEs that affect the Wi-Fi, AppLock, and other parts of the operating system as well as the bootloader. The company also says that it has also issued fixes for some SVE items that cannot currently be disclosed.

CERT-In says that users should make sure that their smartphones are updated with the latest monthly security updates in order to make sure that these vulnerabilities have been patched. According to Google’s latest Android Security Bulletin, users whose smartphones have been updated to the 2024-03-05 security patch level should be protected from these security flaws. 

Products You May Like

Articles You May Like

iPhone 16 Pro Max Leaked Dummy Unit Offers Glimpse at New Desert Titanium Colourway
Xiaomi 14T, Xiaomi 14T Pro Pricing and Key Specifications Leaked Ahead of Anticipated Debut
SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments
NASA’s SpaceX Crew-9 Mission Adjusts Crew Ahead of September Launch
A journey inside Epic Systems’ mythical and sprawling campus, a world away from Wall Street

Leave a Reply

Your email address will not be published. Required fields are marked *