‘High-risk warning for Android users,’ says Centre. Here’s how to keep your device safe

Amid the latest discovery of multiple vulnerabilities within the versions of the Android operating systems, including the recently launched Android 13, the Computer Emergency Response Team (CERT-In) has issued a warning for Android users, which is classified as ‘high severity.’ Basically, these vulnerabilities could be exploited by the attackers in order to take control of the vulnerable devices, steal sensitive information or disrupt its operations.

Notably, CERT-In is an agency operating under the Ministry of Electronics and Information Technology, which focuses to secure Indian cyberspace and also is responsible for addressing cyber security issues such as hacking and phishing etc. This alert stresses out at the risks within the risks within various versions of the Android OS.

In an official note, CERT-In said, “Multiple vulnerabilities have been reported in Android which could be exploited by an attacker to obtain sensitive information, gain elevated privileges and cause a denial of service on the targeted system.”

Here’s list of all vulnerabilities cited by CERT-In:

• CVE-2020-29374
• CVE-2022-34830
• CVE-2022-40510
• CVE-2023-20780
• CVE-2023-20965
• CVE-2023-21132
• CVE-2023-21133
• CVE-2023-21134
• CVE-2023-21140
• CVE-2023-21142
• CVE-2023-21264
• CVE-2023-21267
• CVE-2023-21268
• CVE-2023-21269
• CVE-2023-21270
• CVE-2023-21271
• CVE-2023-21272
• CVE-2023-21273
• CVE-2023-21274
• CVE-2023-21275
• CVE-2023-21276
• CVE-2023-21277
• CVE-2023-21278
• CVE-2023-21279
• CVE-2023-21280
• CVE-2023-21281
• CVE-2023-21282
• CVE-2023-21283
• CVE-2023-21284
• CVE-2023-21285
• CVE-2023-21286
• CVE-2023-21287
• CVE-2023-21288
• CVE-2023-21289
• CVE-2023-21290
• CVE-2023-21292
• CVE-2023-21626
• CVE-2023-22666
• CVE-2023-28537
• CVE-2023-28555

These vulnerabilities affected Android versions 10,11, 12, 12L and 13, said CERT-In.

They are caused by flaws in the Framework, Android Runtime, System Component, Google Play system updates, Kernel, Arm components, MediaTe components and Qualcomm closed-source components.

What would happen if your Android OS is exploited by hackers:

• If your system has these vulnerabilities, it can gain elevated privileges on the device
• The hackers can easily access personal information, such as passwords, photos, and financial data
• Also, it can cause denial-of-service conditions, making the device unusable
• Install malicious software on the device

To protect your devices from hacker access, CERT-In suggests that users update their devices to the latest security patches as soon as possible to mitigate these risks. Amid this, Google has already released its security patches in order to solve these vulnerabilities. Users can check ‘Android Security Bulletin-August 2023’ for details.

Certain things you can add on to protect your device from these vulnerabilities

• Make sure to install applications from trusted sources.
• Always use a security app to scan your device for malware.
• Remember to only open emails and attachments from trusted senders.
• Use a strong password and enable two-factor authentication in apps and on your device.
• Back up your data regularly. If your device is lost or stolen, you will want to be able to recover your data.