The Indian Computer Emergency Response Team (CERT-In) has issued a security advisory (CIVN-2025-0013) warning about multiple vulnerabilities in Android. These flaws could allow attackers to gain unauthorised access, execute arbitrary code, and compromise system stability.
What’s the warning?
CERT-In has classified the vulnerabilities as high-risk, with potential impacts including privilege escalation, data theft, and denial-of-service (DoS) attacks. The advisory also mentions that one of the vulnerabilities (CVE-2024-53104) is already being actively exploited in the wild.
Devices and Android versions affected
The vulnerabilities affect devices running Android versions 12, 12L, 13, 14, and 15. Users of smartphones, tablets, smartwatches, and other devices based on Android are advised to take immediate precautions.
Why this security flaw exists
According to CERT-In, the vulnerabilities arise due to flaws in multiple Android components, including:
Framework
Platform
System
Conscrypt component
Kernel
Arm components
Imagination Technologies
MediaTek components
Unisoc components
Qualcomm components (including closed-source elements)
These security weaknesses could be exploited to access sensitive user information, execute arbitrary code, or cause a device to crash.
How to stay protected
CERT-In recommends users and OEMs apply security updates as soon as they are available. The latest security patches can be found in the Android Security Bulletin:
https://source.android.com/docs/security/bulletin/2025-02-01
Users should also follow best security practices, including:
Regularly updating their devices
Avoiding installation of apps from untrusted sources
Enabling Google Play Protect
Being cautious of phishing attempts
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
