Android users, beware! The Indian Computer Emergency Response Team (CERT) has issued a warning to the users that they are susceptible to multiple vulnerabilities. As per the advisory by the team under the IT Ministry, Android 10, Android 11, Android 12 and Android 12L can be exploited by hackers to obtain sensitive information, and even cause a denial of services on the targeted system.
The advisory further reveals that the flaws exist in the Framework, System component, Media Provider component, Kernel components, MediaTek components, Qualcomm components, Qualcomm closed source components, and System. By invading these software components, attackers can obtain sensitive personal information of the user, gain elevated privileges, and deny service to the device.
Google, however, has already acknowledged these system loopholes in the Android OS and rolled out a security patch earlier this month. Android Security Bulletin security patch levels of 2022-05-01 or later address all of these issues.
The security bulletin points out that the most concerning issue is a high-security vulnerability in the Framework component leading to local escalation of privilege with User execution privileges needed.
The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device. However, vulnerabilities can be mitigated with enhancements to newer versions of Android, which is why Google advises updating to the latest version on Android as soon as it is out.