The Indian Computer Emergency Response Team (CERT-In) has issued an alert for Android users due to serious security vulnerabilities found in smartphones using Qualcomm and MediaTek chipsets. This warning affects devices running on Android versions 12, 12L, 13, and 14.
What’s the Issue?
CERT-In has detected several “high risk” vulnerabilities that could be exploited by attackers to access sensitive data and gain unauthorized control over devices. These issues are rooted in various components of the Android system, including the Framework, System, Kernel, as well as specific components from Arm, Imagination Technologies, MediaTek, and Qualcomm.
One major flaw in the Framework component could allow attackers to escalate their privileges without needing additional permissions. This vulnerability could be particularly dangerous if standard security measures are turned off or bypassed.
How to Protect Yourself:
- Update Your Device: Ensure your Android smartphone is running the latest version of the operating system. Enable auto-updates to keep your software current and reduce the risk of security threats.
- Download Apps Safely: Only install apps from trusted sources like the Google Play Store.
- Be Cautious with Links: Avoid clicking on links from unknown or unsolicited messages and emails.
Apple Users Also at Risk: CERT-In has also issued a severe warning for Apple device users (iPhones, iPads, Macs, etc.). Similar to Android, Apple products have multiple vulnerabilities that could lead to information leaks, unauthorized code execution, security breaches, denial of service (DoS) attacks, and spoofing.
To safeguard your devices, regularly update your operating systems, download apps from reliable sources, and be cautious with unsolicited communications.