The Indian Computer Emergency Response Team has again issued a high-risk warning for Android users. This time, the warning specifically targets those using the latest Android 15. According to the government’s cyber security agency, several vulnerabilities have been found in the Android operating system, which if exploited can pose serious threats to users’ devices. These include unauthorized access to sensitive information, system instability, and even complete denial of service. In short, hackers can exploit these vulnerabilities to hack your Android smartphone or tablet.

CERT-In has flagged these critical vulnerabilities in the Android operating system in its latest vulnerability note – CIVN-2024-0349. In the report, the government agency outlines critical vulnerabilities in Android versions ranging from the older Android 12 to the latest Android 15. Cert-In has also flagged these flaws as high risk, meaning it poses significant concerns for both individual users and organizations. Android device.

Affected Android versions

Here is the list of Android versions affected by the identified flaws:

• android 12
• Android 12L
• android 13
• android 14
• android 15

Further explaining the issues, CERT-In notes that the vulnerabilities identified in Android software originate from various components within the Android ecosystem, including those developed by third-party vendors such as Imagination Technologies, MediaTek, and Qualcomm. . Both open-source and proprietary components are affected by these flaws, increasing the complexity and scope of vulnerabilities.

If successfully exploited by hackers, these vulnerabilities could allow them to:

Data breach: Attackers can gain unauthorized access to personal or corporate data stored on affected devices.

Reason for system instability: Exploiting these vulnerabilities could lead to frequent crashes, making devices unreliable.

Initiate a denial of service (DoS) attack: Attackers can cause devices to enter a DoS state, effectively disrupting their functionality.

To protect their systems, CERT-In has advised users to update their Android devices as soon as possible after the updates are released by Google and respective original equipment manufacturers (OEMs).

Once the update is released, users can update their Android phones by going to System Settings > System Upgrade and starting the available updates.

Additionally, users are advised to:

• Download apps only from trusted sources, such as Google Play Store. Avoid sideloading apps from unverified platforms, as they may contain malware.
• Activate built-in security features, such as app permissions, two-factor authentication (2FA), and device encryption, to reduce exposure.
• Be alert for unusual behavior, such as unexpected crashes or rapid battery drain, that could indicate a potential exploit.