June 9, 2024
2 mins read

CERT-In finds multiple vulnerabilities in Android

The affected software includes Android versions 12, 12L, 13, and 14….reports Asian Lite News

The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, on Friday warned users of multiple vulnerabilities in Android which could allow an attacker to obtain sensitive information, gain elevated privileges and cause denial-of-service (DoS) conditions on the targeted system.

The affected software includes Android versions 12, 12L, 13, and 14.

“Multiple vulnerabilities have been reported in Android which could be exploited by an attacker to obtain sensitive information, gain elevated privileges and cause a denial of service condition on the targeted system,” said the CERT-In advisory.

According to the cyber agency, these vulnerabilities exist in Android due to flaws in the Framework, System, Google Play system updates, Kernel, Arm components, MediaTek components, Imagination Technologies and Qualcomm closed-source components.

CERT-In advised users to apply appropriate updates when made available by the respective OEMs (original equipment manufacturers).

Last week, CERT-In warned about a vulnerability in Checkpoint Network Security gateway products, which could allow hackers to compromise users’ data.

According to its advisory by the national cyber-security agency, attackers can use the vulnerability to access certain information on “internet-connected gateways configured with IPSec VPN, remote access VPN, or mobile access software blades.”

Warning over bug in Checkpoint gateway products

CERT-In has warned about a vulnerability in Checkpoint Network Security gateway products, which could allow hackers to compromise users’ data.

According to its advisory by the national cyber-security agency, attackers can use the vulnerability to access certain information on “internet-connected gateways configured with IPSec VPN, remote access VPN, or mobile access software blades”.

This, in certain scenarios, could potentially lead the attacker to move laterally and gain domain admin privileges, warned the agency.

The vulnerability exists in Checkpoint Network Security gateway products due to the unrecommended password-only authentication method.

“The vulnerability (CVE-2024-24919) is being exploited in the wild,” said CERT-In, urging users to apply fixes issued by the company.

Checkpoint has discovered the vulnerability and issued the fix.

“Following our security update, Check Point’s dedicated task force continues investigating attempts to gain unauthorised access to VPN products used by our customers,” said the company in its security update.

“Exploiting this vulnerability can result in accessing sensitive information on the Security Gateway,” it added.

CERT-In, which comes under the Ministry of Electronics & Information Technology, last week warned users of vulnerabilities in Google Chrome and Siemens products, which could allow an attacker to execute arbitrary code on the targeted system.

ALSO READ: David Cameron falls victim to hoax video call

Previous Story

Modi to be sworn in as PM

Next Story

Pakistan, China agree to upgrade CPEC

Latest from India News

UN Pays Tribute to Indian Soldiers

Thursday was observed as the 77th UN Peacekeepers Day, honouring the work of 61,353 peacekeepers, of whom 5,375 hailed from India….reports Asian Lite News Brigadier Amitabh Jha and Havildar Sanjay Singh, who

Modi’s New Warfare Playbook

Modi has upended the old playbook and India and Pakistan are entering dangerous new territory where nuclear deterrence is no longer a guarantee against conventional conflict…writes Collins Chong Yew Keat The India-Pakistan

‘Op Sindoor’ Team Wraps Up Saudi Visit

The visit reaffirmed the shared commitment of India and Saudi Arabia in the fight against terrorism….reports Asian Lite News Riyadh, May 30 (IANS) The Indian all-party delegation, led by BJP MP Baijayant

Visa Interview Pause Nearing End, Says US

India is the source country for the largest group of international students in the US and Bruce’s comments will be closely followed there….reports Asian Lite News The United States said the pause
Go toTop

Don't Miss

WhatsApp rolling out ‘link with phone number’ feature on Android

The official changelog of the application mentioned that an updated

Android powers 3B devices globally

Sameer Samat, VP of product management at Android and Google