The Indian Computer Emergency Response Team (CERT-In) has noticed a high-risk vulnerability in Android versions 12, v12L, v13 and v14. Due to this, the agency has issued a high severity vulnerability alert warning users of the security flaw. CERT-in says that, if exploited, the vulnerability could allow hackers to “gain high privileges and obtain sensitive information on the targeted system.” Which means that the devices of affected users could be taken over by the hacker, who in turn can access and steal sensitive information from the victim’s device.

The cybersecurity agency says that these vulnerabilities in Android exist due to “flaws in framework, system, Google Play system updates, kernel, Arm components, MediaTek components, Imagination Technologies, Qualcomm components and Qualcomm closed-source components”. This essentially means that if you are a user and your device runs on Android versions prior to Android 12, Android 12L, Android 13 and Android 14, then this vulnerability has arisen due to multiple reasons including problems in framework, system, Google Play updates, kernel. There have also been delays in components from Arm, MediaTek, Imagination Technologies and Qualcomm, which, according to CERT-In, is also the reason for the security risk.

To guard against such high-risk vulnerabilities, users can take several precautionary steps:

Update your device: The first and most important step is to make sure your device is running the latest version of Android. Check regularly for system updates and install them promptly. These updates often contain security patches that fix known vulnerabilities.

Enable automatic updates: Enable automatic updates for both your operating system and apps. This ensures you receive the latest security patches and updates as quickly as possible, reducing the risk of vulnerabilities.

Use reliable sources: Only download apps from trusted sources like the Google Play Store. Avoid installing apps from unknown or third-party sources, as they may contain malicious software designed to exploit vulnerabilities.

Review app permissions: Regularly review the permissions granted to your apps. Be wary of apps asking for access to sensitive information or unnecessary permissions. Revoke permissions that seem excessive or irrelevant to the app’s function.

Install security software: Consider installing reputable security software on your device. These apps can provide an additional layer of security by detecting and blocking malicious activities.

Avoid clicking on unknown links: Be wary of unsolicited messages, emails or links, especially those that ask for personal information or credentials. Phishing attacks are common ways for hackers to exploit vulnerabilities.

Regular backups: Back up your data regularly to an external source or cloud service. If your device is compromised, having a backup ensures that you can restore your information without any significant loss.

Monitor device activity: Monitor your device’s activity to notice any unusual behavior such as sudden slowdowns, unexpected pop-ups, or unfamiliar apps. These could be signs of a security breach.

factory reset: If you suspect your device has been tampered with, consider performing a factory reset. This will erase all data on your device, including malware, but be sure to back up important data first.