The Indian Computer Emergency Response Team (CERT-In), the nation's cybersecurity watchdog, has issued a high-risk security advisory, sending a critical warning to millions of Android users in India. The advisory highlights multiple vulnerabilities found in Android systems that could allow attackers to gain unauthorized access, execute arbitrary code, and destabilize systems. This could lead to privilege escalation, data theft, and denial-of-service (DoS) attacks.

Which Android Versions are at Risk?

The vulnerabilities affect a wide range of devices running Android versions 13, 14, and 15. This includes smartphones and tablets from various manufacturers, potentially impacting a significant portion of the Android user base in India. CERT-In's advisory (CIVN-2025-0013) specifically highlights that one of the vulnerabilities (CVE-2024-53104) is already being actively exploited.

How are Devices Vulnerable?

CERT-In explained that multiple vulnerabilities exist in Android due to flaws in the Framework, Platform, System, Conscrypt component, Kernel, Arm components, Imagination Technologies, MediaTek components, Unisoc components, Qualcomm components, and Qualcomm closed-source components. Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive information, gain elevated privileges, execute arbitrary code, or cause denial of service (DoS) conditions on the targeted system.

What are the Potential Consequences?

If exploited, these vulnerabilities pose significant risks:

• Unauthorized Data Access: Attackers could access sensitive information stored on the device, including personal data, financial information, and login credentials.
• Remote Code Execution: Hackers could execute arbitrary code remotely, allowing them to install malware, steal data, or control the device.
• Privilege Escalation: Attackers could gain elevated privileges, allowing them to perform actions that are normally restricted to the system administrator.
• Denial of Service (DoS): Attackers could cause the device to become unresponsive or non-functional, disrupting its normal operation.

How to Stay Protected

CERT-In advises users and OEMs to install security updates promptly upon release. The latest security patches are available in the Android Security Bulletin. To enhance security, users should also follow these best practices:

• Keep your device updated: Install the latest security patches to protect against vulnerabilities. Regularly check for updates in your device's settings menu.
• Download apps from trusted sources: Use the Google Play Store and avoid third-party or unknown sources. Be cautious of apps that request excessive permissions.
• Enable Google Play Protect: Enable it to detect and block potentially harmful apps. Play Protect continuously scans your device for malware.
• Review app permissions: Restrict unnecessary access to your data. Regularly review the permissions granted to apps and revoke any that seem suspicious.
• Be wary of suspicious links and attachments: Avoid clicking on links or opening attachments in SMS or MMS messages from unknown senders. These could contain malware or phishing scams.
• Enable automatic updates: This ensures that your device automatically downloads and installs the latest security patches.
• Use a strong password or PIN: This prevents unauthorized access to your device.
• Be careful about granting accessibility permissions: Granting accessibility permissions to malicious apps can give them control over your device and steal sensitive data.

The Importance of Timely Updates

Android's open-source nature and widespread use across various devices mean that updates often depend on individual phone manufacturers. This can lead to delays in patching security flaws, leaving some users exposed for extended periods. Users should be proactive about security by regularly checking for updates and installing them as soon as they become available. Google has addressed these issues in its May 2025 security bulletin, but the rollout speed varies by brand and model.

The Indian government's warning serves as a critical reminder of the importance of cybersecurity. By taking proactive steps to protect their devices, Android users can significantly reduce their risk of falling victim to cyberattacks.