Indian government has a serious warning for Apple iPhone, Android and some Windows users: Check if you are affected and what you should do right now

Warning

India’s Computer Emergency Response Team (CERT-In) has issued a CRITICAL severity warning affecting a wide range of Android smartphones powered by Qualcomm processors. The alert impacts users of popular smartphone brands including Apple, OnePlus, Samsung, Oppo, Vivo, Realme, and Xiaomi, among others. CERT-In’s advisory highlights multiple vulnerabilities in Qualcomm chipsets that could lead to full device compromise if left unpatched.

As per CERT-In’s Vulnerability Note (CIVN-2025-0106), numerous Qualcomm chipsets have been found vulnerable to critical security flaws. These include issues that allow attackers to:

Execute arbitrary code

Cause denial-of-service (DoS) conditions

Escalate privileges

Access or leak sensitive information

The Indian cybersecurity agency has confirmed that three of these vulnerabilities (CVE-2023-33017, CVE-2023-33018, and CVE-2023-33019) have already been exploited in the wild. CERT-In strongly recommends users and enterprises to apply patches immediately.

The warning affects hundreds of Qualcomm processors, used across flagship, mid-range, and entry-level Android devices. These chipsets are found in phones, tablets, wearables, smart displays, automotive platforms, and IoT devices. Some widely used chipsets on the list include:

Snapdragon 8 Gen 1 / 8 Gen 2 / 8 Gen 3

Snapdragon 865 / 870 / 888 / 778G / 782G / 7c+ Gen 3

Snapdragon 695 / 750G / 732G / 730G / 720G / 662

Snapdragon 480 / 460 / 439 / 429 / 625 / 630 / 636 / 660

Snapdragon W5+ Gen 1, XR2, XR2+ Gen 1, FastConnect 7800

And many others across platforms like QCM, QCN, SA, QCA, and WCN families.

Qualcomm X65, X70 and X75 5G modems that are also found in Apple iPhones.

When it comes to affected devices, there are millions of devices that are affected by this including iPhones and Android devices from OnePlus, Oppo, Vivo, Realme, Samsung and other devices running Qualcomm chipsets.

The vulnerabilities stem from security flaws in the firmware and memory handling processes of Qualcomm chipsets. Given the complexity and scale of Qualcomm’s SoC platforms, issues like unchecked input, insecure memory access, and improper privilege escalation can lead to major risks if exploited.

Such flaws can allow attackers to hijack devices remotely, spy on users, or leak sensitive data. These threats become critical when vulnerabilities are already being actively used by attackers, as CERT-In has confirmed.

CERT-In has urged all Android users with Qualcomm-powered devices to:

Immediately check for software updates and install the latest security patches from your device manufacturer.

Go to Settings > Software Update to ensure you're running the latest firmware.

Avoid downloading apps from unofficial sources and clicking suspicious links.

Use a reliable antivirus app to help detect malicious activity.