Details of ‘High-Risk’ Vulnerabilities Affecting Android Users Revealed by Indian Government
If you’re using an Android device, it’s important to know that the Indian government’s Computer Emergency Response Team has issued a warning about Android’s “high” security risk vulnerabilities. The team emphasizes that these exploits can allow attackers to obtain sensitive information and execute arbitrary code on your phone.
What Android versions does this apply to?
These vulnerabilities are found in Android versions 11, 12, 13 and 14. This means that even if you have the latest version of Android, you are not exempt from these risks.
CERT-In highlights that there are multiple vulnerabilities in the frame, system, arm parts and MediaTek components, Unisoc components, Qualcomm components and Qualcomm proxies.
How to protect yourself?
To protect your device, you need Android security patch levels 2024-02-05 or later to resolve all these issues. So, when your device’s OEM releases the said update, just download the latest update available.
Given the “high” severity rating, it is recommended to focus on other security-enhancing features. Enable two-factor authentication, use a strong passcode, and follow good digital hygiene practices.
These are the vulnerabilities that affect the Android versions mentioned above
CVE-2023-32841, CVE-2023-32842, CVE-2023-32843, CVE-2023-33046, CVE-2023-33049, CVE-2023-33057, CVE-2023-33057, CVE-2023-330202, CVE- 33058 2023-33072, CVE-2023-33076, CVE-2023-40093, CVE-2023-40122, CVE-2023-43513, CVE-2023-43516, CVE-2023-43516, CVE-2023-43518, CVE-2023 -43518, C3-5-29 43520, CVE-2023-43522, CVE-2023-43523, CVE-2023-43533, CVE-2023-43534, CVE-2023-43536, CVE-2023-49667, CVE-2023- 49667, CVE-9268, CVE-9268 CVE-2023-5249, CVE-2023-5643, CVE-2024-0014, CVE-2024-0029, CVE-2024-0030, CVE-2024-0031, CVE-2024-0032 , CVE-0032, CVE-032 2024-0034, CVE-2024-0035, CVE-2024-0036, CVE-2024-0037, CVE-2024-0038, CVE-2024-0040, CVE-2024-0041, CVE- 2024-0041, CVE-2020-4 20006, CVE-2024-20007, CVE-2024-20009, CVE-2024-20010, CVE-2024-20011.