Science & Technology

New Delhi: CERT-In Issues Urgent Warning on Android Vulnerabilities

The Indian Computer Emergency Response Team (CERT-In) warns of serious vulnerabilities in Android systems and international spoofed calls aimed at defrauding Indian citizens.

Sentinel Digital Desk

NEW DELHI: The Indian Computer Emergency Response Team (CERT-In) under Ministry of Electronics & Information Technology, has flagged critical vulnerabilities in Android versions 12 12L, 13 14. These flaws could allow attackers to access sensitive information. They could also gain elevated privileges. Additionally these could cause denial-of-service (DoS) conditions on targeted systems.

In advisory issued on Friday CERT-In highlighted that these vulnerabilities stem from issues in various components of Android operating system. Specifically, flaws have been identified in Framework System, Google Play system updates Kernel, Arm components MediaTek components, Imagination Technologies and Qualcomm closed-source components. CERT-In urges users apply updates released by original equipment manufacturers (OEMs) as soon as they become available to mitigate these risks.

"Multiple vulnerabilities have been reported in Android. An attacker could exploit these to obtain sensitive information and gain elevated privileges" stated advisory from CERT-In.

This announcement follows recent warning from CERT-In about critical vulnerability in Checkpoint Network Security gateway products. The cyber-security agency indicated this flaw could enable hackers to compromise user data. This is particularly concerning through internet-connected gateways configured with IPSec VPN. Remote access VPN or mobile access software blades are also at risk.

The Indian government has taken significant steps to counter threat of international spoofed calls. Telecom Service Providers (TSPs) have been directed to block such calls. These calls often involve cyber-criminals using Indian mobile numbers. They deceive citizens and commit fraud. This initiative developed in collaboration with the Department of Telecommunications (DoT), aims to identify and prevent these deceptive calls. It seeks to stop them from reaching Indian telecom subscribers.

Statement from Ministry of Communications emphasized increasing misuse of international spoofed calls in various scams. These fraudulent calls are designed to appear as though they originate from within India. But are actually made by cyber-criminals abroad who manipulate caller identification. Recent scams have included fake digital arrests FedEx scams, drug/narcotics-related couriers. Impersonation of government and police officials. Threats of mobile number disconnections purportedly from DoT/TRAI officials.

Government's actions underscore urgency of addressing these security threats to protect Indian citizens from cyber-crime and financial fraud. Measures implemented are expected to provide significant safeguard against growing menace of international spoofed calls.

ALSO READ:

ALSO WATCH: