Indian Government's Security Alert: Millions of Smartphones & TVs Vulnerable Due to MediaTek Chipset Flaws.

The Indian government, through its cybersecurity watchdog, the Indian Computer Emergency Response Team (CERT-In), has issued a high-risk security advisory concerning vulnerabilities discovered in MediaTek chipsets. This warning impacts millions of smartphone and TV users in India and globally, as MediaTek chips are widely used in Android devices. These vulnerabilities could allow attackers to gain unauthorized access, steal sensitive information, execute arbitrary code, and cause denial-of-service (DoS) attacks on affected systems.

CERT-In's advisory highlights that the vulnerabilities exist due to flaws in various components, including the Android Framework, System, Kernel, and hardware-specific components from MediaTek. Successful exploitation of these vulnerabilities could lead to severe consequences, including privilege escalation, data theft, and the ability for attackers to control devices remotely.

Several reports indicate that the vulnerabilities affect a wide range of Android versions, including 12, 12L, 13, 14, and 15. This means a significant portion of Android devices currently in use are potentially at risk. Popular smartphone brands such as Samsung, Realme, OnePlus, Xiaomi, Vivo, Nothing, and Infinix, which utilize MediaTek chipsets in many of their models, are particularly affected.

One of the most concerning vulnerabilities, CVE-2024-20154, is a stack overflow issue in affected chipsets' modems that could lead to remote code execution if a device connects to an attacker-controlled base station. This vulnerability has been given a "critical" severity assessment, as it doesn't require any user interaction or additional privileges for exploitation. Another significant vulnerability, CVE-2025-20678, impacts over 80 different chipset models and involves uncontrolled recursion in the IMS (IP Multimedia Subsystem) service, potentially enabling remote denial-of-service attacks. CVE-2025-20671 represents a heap overflow vulnerability in MediaTek's Bluetooth driver, allowing local escalation of privilege.

MediaTek has acknowledged the vulnerabilities and has reportedly notified device manufacturers about the issues and provided patches. The company states that device manufacturers were informed about the vulnerabilities at least two months prior to public disclosure, giving them time to develop and deploy security updates.

To mitigate the risks posed by these vulnerabilities, CERT-In advises users and OEMs to take the following steps:

  • Install Security Updates Promptly: Users should install the latest security patches as soon as they are released by their device manufacturers. These patches address the identified vulnerabilities and help prevent exploitation.
  • Download Apps from Trusted Sources: Users should only download apps from trusted sources like the Google Play Store. Avoiding third-party or unknown sources reduces the risk of installing malicious apps that could exploit vulnerabilities.
  • Enable Google Play Protect: Enabling Google Play Protect helps detect and block potentially harmful apps before they can be installed on a device.
  • Review App Permissions: Users should carefully review the permissions requested by apps and restrict unnecessary access to their data.
  • Be Cautious of Unsolicited Messages and Links: Users should be wary of unsolicited messages, emails, or links, especially those asking for personal information or credentials. Phishing attacks are a common method used by hackers to exploit vulnerabilities.
  • Keep Devices Updated: Regularly updating the operating system and applications is crucial for maintaining security.
  • Enable Automatic Updates: Enabling automatic updates ensures that devices receive the latest security patches and updates as soon as they are available.
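
For administrators of Android fleets, the first step in the list can be checked mechanically. This added example (not code from CERT-In, MediaTek or the original article) reads saved `adb shell getprop` output, flags MediaTek-based devices and compares their reported security patch level with a baseline. The baseline date, the `mtNNNN` platform-name heuristic and the sample dumps are assumptions constructed for illustration.

```python
import re
from datetime import date

# Placeholder baseline, not from the advisory: use the patch level your OEM names.
BASELINE = date(2025, 1, 1)
PROP_RE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]$")

def parse_getprop(text):
    """Turn `adb shell getprop` output ("[key]: [value]" lines) into a dict."""
    props = {}
    for line in text.splitlines():
        m = PROP_RE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def is_mediatek(props):
    """Heuristic (assumption): SoC maker property or an mtNNNN platform name."""
    maker = props.get("ro.soc.manufacturer", "").lower()
    platform = props.get("ro.board.platform", "").lower()
    return maker == "mediatek" or re.fullmatch(r"mt\d{4}\w*", platform) is not None

def assess(text, baseline=BASELINE):
    """Classify one device from its getprop dump."""
    props = parse_getprop(text)
    if not is_mediatek(props):
        return "not-mediatek"
    try:
        level = date.fromisoformat(props.get("ro.build.version.security_patch", ""))
    except ValueError:
        return "unknown-patch-level"  # missing or malformed: review by hand
    return "patched" if level >= baseline else "needs-update"

# Constructed sample dumps (not taken from real devices).
STALE = "[ro.board.platform]: [mt6789]\n[ro.build.version.security_patch]: [2024-08-05]\n"
CURRENT = "[ro.soc.manufacturer]: [Mediatek]\n[ro.build.version.security_patch]: [2025-03-01]\n"
NO_LEVEL = "[ro.board.platform]: [mt6765]\n[ro.build.version.release]: [13]\n"
OTHER_SOC = "[ro.board.platform]: [exampleplat]\n[ro.build.version.security_patch]: [2023-01-05]\n"

if __name__ == "__main__":
    for name, dump in [("stale", STALE), ("current", CURRENT),
                       ("no-level", NO_LEVEL), ("other", OTHER_SOC)]:
        print(name, assess(dump))
```

The patch level is the date the device firmware reports; whether a given build contains a particular fix still has to be confirmed against the manufacturer's own bulletin.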

The Indian government's warning highlights the importance of proactive cybersecurity measures and the need for users to stay informed about potential threats. By taking the recommended steps, users can significantly reduce their risk of being affected by these vulnerabilities and protect their personal data and devices from cyberattacks. It is also crucial for device manufacturers to prioritize the timely release of security patches to address these vulnerabilities and ensure the safety of their users.


Written By
Passionate about culture, society, and sports, Isha brings a fresh, insightful perspective to her early journalism. She's keen on exploring her city's evolving cultural landscape, covering local arts, music, and community events. Isha is developing an engaging, informative writing style to capture artistic vibrancy and diversity. She's also interested in how cultural trends reflect and influence broader social dynamics, alongside her enthusiasm for the world of sports.
© 2025 DailyDigest360