The Computer Response Team (CERT-In), under the Ministry of Electronics and Information Technology of India, issued an advisory for Indian Android smartphone and tablet users, especially for those with smartphones and tablets running on Android 10, Android 11, Android 12 and Android 12L. This comes after the Indian government released a warning regarding cybersecurity for the users of the Google Chrome web browser.
In a survey conducted by CERT-In, suspects rumoured to be remote attackers implement an arbitrary code, gaining access to confidential information from the breached system. It has been assumed that the acquired data can be used for playful privileges.
To steer clear from the attacker to puppet the targeted system, Indian Android users must install a recently launched Android security patch, developed by Google. All the concerned users have to do is to click on the link to download and install the security patch from the CERT-In website itself.
The suspects of this cyber-attack are most likely to be drawn towards the Google Android operating system due to the faulty Framework, Media Codecs, Media Framework components, System, Kernel components, Imagination Technologies, MediaTek Components, Unisoc Components, Qualcomm Components, and Qualcomm closed-source components.
Successful execution of the arbitrary code would allow the remote attacker to gain sensitive information of the system, abusing the privileges of the harvested information. The most endangered issue that requires critical security is the vulnerability of the System component. This can enable the remote attacker to conveniently execute the code without any supplementary execution required.
