CERT-IN Flags Multiple Weak Spots In Android OS Carrying Data Leak Risk

Google has released the first public version of its Android operating system, but security researchers warn that it may contain multiple weak spots that could lead to data leakage. The CERT-IN Flags Multiple Weak Spots in Android OS carrying data leak risk through its use of certificates, which can be exploited by attackers to steal confidential data. CERT-IN also warns that Android OS improved security features may not be enough to protect users from certain types of attacks.

The Indian Computer Emergency Response Team (CERT-IN) on Monday notified multiple security vulnerabilities in Android operating systems, which may make it possible for unauthorized access to private information and cause a denial of service situation in the victim’s system.

CERT-IN released a vulnerability notice following the Google informed required to users recognize security dangers in its Android Security Bulletin June 2022. The affected software related to Android Operating System versions 10, 11, 12, and 12L, among others.

Multiple vulnerabilities have been discovered in Google’s Android that could be exploited by a hacker to execute arbitrary code, gain elevated privileges, gain access to sensitive information or cause denial of service (DoS) conditions on the device, the cyber-security firm said while issuing a threat severity notice.

The vulnerabilities that these cumulative incidents stem from residing in Google Android as a result of flaws in the framework elements, Media Framework Components, Google Play System Updates, Kernel Components, MediaTek elements, Unisoc Components, and Qualcomm closed-source elements, the company elaborated.

On June 6, Google said it observed safety issues affecting Android gadgets. The most severe shortfall regards a critical security weakness in the System component that makes it possible for malicious apps to execute code without additional privileges, the tech giant explained about CERT-IN Flags multiple weak spots in Android OS carrying data leak risk. Telephony companies have demanded that customers use the enhanced settings no later than 2022-05 in order to avoid the threats.