Quick Read
Summary is AI Generated. Newsroom Reviewed
-
Indian CERT-In issued advisory on high severity Android vulnerabilities with CVE listings
-
Flaws affect Android versions 13, 14, 15 and 16, including core system and hardware components
-
Exploitation risks include privilege escalation, data theft, arbitrary code execution and DoS attacks
The Indian Computer Emergency Response Team (CERT-In) has released an advisory highlighting several security vulnerabilities in recent Android versions. Each flaw has been assigned a unique CVE (Common Vulnerabilities and Exposures) listing.
India’s nodal cybersecurity agency, in its advisory issued last week, marked these vulnerabilities with a 'high severity' rating due to the likelihood of exploitation in cyberattacks.
Security patches addressing these issues have already been released by Android. Users are strongly advised to update their devices to the most recent Android version without delay, the agency advised.
On Sept. 3, CERT-In released a security advisory highlighting several vulnerabilities spread across various parts of the Android operating system. The affected areas include critical elements such as the Framework, Android Runtime, core system functions, Widevine DRM, Project Mainline modules, the Kernel and components supplied by hardware partners like Arm, Imagination Technologies, MediaTek and Qualcomm, including its proprietary software.
The flaws affect Android versions 13, 14, 15 and 16. Severity rating for the advisory is “High”.
“Successful exploitation of these vulnerabilities could allow an attacker to gain elevated privileges, obtain sensitive information, execute arbitrary code, or cause a denial of service (DoS) condition on the targeted system,” the advisory said.
A Denial-of-Service (DoS) attack is a type of cyberattack where the attacker overwhelms a computer or network with excessive fake requests. This flood of traffic consumes all the system's resources, making it impossible for legitimate users to access the service or device. Essentially, it blocks normal operations by overloading the target with bogus traffic.
Google has rolled out a new security update for Android to fix the issues pointed out by CERT-In. However, because many smartphone brands customise Android with their own unique interfaces, like Samsung’s One UI, OnePlus’s OxygenOS or Xiaomi’s HyperOS, the update must first be adapted and released by these manufacturers before users can install it on their devices.
After Google releases a security patch for the Android operating system, manufacturers then adapt these updates to their own custom frameworks before delivering them to users. Many Android users may have already received this latest update.
RECOMMENDED FOR YOU
Experts Warn India's Future At Risk As Young Lungs Deteriorating, Struggle To Breathe
Sep 08, 2025
US Is On Brink Of Recession, Claims Moody's Chief Economist — Check List Of States At Risk
Sep 03, 2025
Rains Making You Spend More? Breaking Down Seasonal Expenses From Transport To Medicines
Aug 20, 2025
Samsung Galaxy S25 FE Full Specifications Leaked: Check Key Features, Expected Price
Aug 04, 2025
POPULAR