CERT-In Warns Of Serious Risks For Android 15, 16 Versions: Check Details
For Android versions 13 through 16, smartphone users must download and install the most recent security updates to keep their devices safe from potential threats, according to CERT-In.
The Indian Computer Emergency Response Team (CERT-In) has released an advisory highlighting several security vulnerabilities in recent Android versions. Each flaw has been assigned a unique CVE (Common Vulnerabilities and Exposures) listing.
India’s nodal cybersecurity agency, in its advisory issued last week, marked these vulnerabilities with a 'high severity' rating due to the likelihood of exploitation in cyberattacks.
Security patches addressing these issues have already been released by Android. Users are strongly advised to update their devices to the most recent Android version without delay, the agency advised.
On Sept. 3, CERT-In released a security advisory highlighting several vulnerabilities spread across various parts of the Android operating system. The affected areas include critical elements such as the Framework, Android Runtime, core system functions, Widevine DRM, Project Mainline modules, the Kernel and components supplied by hardware partners like Arm, Imagination Technologies, MediaTek and Qualcomm, including its proprietary software.
The flaws affect Android versions 13, 14, 15 and 16. Severity rating for the advisory is “High”.
“Successful exploitation of these vulnerabilities could allow an attacker to gain elevated privileges, obtain sensitive information, execute arbitrary code, or cause a denial of service (DoS) condition on the targeted system,” the advisory said.
A Denial-of-Service (DoS) attack is a type of cyberattack where the attacker overwhelms a computer or network with excessive fake requests. This flood of traffic consumes all the system's resources, making it impossible for legitimate users to access the service or device. Essentially, it blocks normal operations by overloading the target with bogus traffic.
Google has rolled out a new security update for Android to fix the issues pointed out by CERT-In. However, because many smartphone brands customise Android with their own unique interfaces, like Samsung’s One UI, OnePlus’s OxygenOS or Xiaomi’s HyperOS, the update must first be adapted and released by these manufacturers before users can install it on their devices.
After Google releases a security patch for the Android operating system, manufacturers then adapt these updates to their own custom frameworks before delivering them to users. Many Android users may have already received this latest update.
