CERT-In — or Indian Computer Emergency Response Team — has warned of a number of safety vulnerabilities affecting a number of variations of Android. These safety flaws, if exploited by a malicious consumer, may very well be used to execute harmful code, gather delicate information, and launch a denial-of-service (DoS) assault on a sufferer. The safety vulnerabilities have an effect on three main variations of Android, throughout varied components of Google’s working system (OS) — from the framework to parts from Arm, MediaTek, Qualcomm, Unisoc, and others, in line with the cybersecurity company.
In a vulnerability be aware issued earlier this week, CERT-In lists out 51 safety flaws affecting the Android OS. The nodal company liable for coping with cybersecurity points and threats has issued a important severity score for the vulnerability be aware. All the entries listed by CERT-In have been assigned a Common Vulnerabilities and Exposures (CVE) quantity.
According to CERT-In, these vulnerabilities have an effect on Android 13, Android 12, Android 12L, and Android 11. It is at the moment unclear whether or not Android 14 can also be affected because the supply code for Android 14 was revealed just a few days earlier than the advisory was issued.
The 51 safety flaws listed by CERT-In have an effect on varied components of the Android working system from the Android framework, the Android system, and Google Play system updates. Meanwhile, software program for parts circuitously managed by Google, together with these from Arm, MediaTek, Unisoc, and Qualcomm, are additionally affected by these vulnerabilities.
Attackers who exploit these flaws might probably elevate their privileges on a goal’s smartphone, execute arbitrary (and malicious) code, extract delicate data, and even carry out a denial-of-service (DoS) assault, in line with CERT-In.
Two of those flaws — CVE-2023-4863 and CVE-2023-4211 — may very well be actively exploited by attackers, and customers ought to apply safety patches “urgently”, in line with the company. These flaws relate to the Chromium engine that powers Google’s browser, and GPU reminiscence processing operations on Android, respectively.
Users operating on Pixel smartphones can set up the newest replace that features the October security patches. Unfortunately, customers who personal smartphones from different producers must wait till a safety replace is launched together with fixes for these safety flaws.
#CERTIn #Warns #Major #Security #Flaws #Affecting #Android #Versions
