CERT-In finds multiple vulnerabilities in Android, IT Security News, ET CISO
The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, on Friday warned users of multiple vulnerabilities in Android which could allow an attacker to obtain sensitive information, gain elevated privileges and cause denial-of-service (DoS) conditions on the targeted system.
The affected software includes Android versions 12, 12L, 13, and 14.
“Multiple vulnerabilities have been reported in Android which could be exploited by an attacker to obtain sensitive information, gain elevated privileges and cause a denial of service condition on the targeted system,” said the CERT-In advisory.
According to the cyber agency, these vulnerabilities exist in Android due to flaws in the Framework, System, Google Play system updates, Kernel, Arm components, MediaTek components, Imagination Technologies and Qualcomm closed-source components.
CERT-In advised users to apply appropriate updates when made available by the respective OEMs (original equipment manufacturers).
Last week, CERT-In warned about a vulnerability in Checkpoint Network Security gateway products, which could allow hackers to compromise users’ data.
According to its advisory by the national cyber-security agency, attackers can use the vulnerability to access certain information on “internet-connected gateways configured with IPSec VPN, remote access VPN, or mobile access software blades.”