India Warns of Vulnerabilities in Android and Mozilla Firefox

The Indian Computer Emergency Response Team (CERT-In), an entity under the Ministry of Electronics & Information Technology, issued a warning on Wednesday regarding vulnerabilities detected in Android and Mozilla Firefox web browsers.
Mozilla Firefox at MWCThese vulnerabilities, if exploited, could potentially lead to the acquisition of sensitive information, execution of arbitrary code, and the creation of Denial-of-Service (DoS) conditions on the targeted system, according to the advisory released by CERT-In.

The affected software versions include ‘Android 12, 12L, 13, 14’, and ‘Mozilla Firefox versions prior to 124.0.1 and Mozilla Firefox ESR versions before 115.9.1’.

The advisory emphasized, “Successful exploitation of these vulnerabilities could allow the attacker to obtain sensitive information, gain elevated privileges, and cause a denial-of-service condition on the targeted system.”

In Android, the vulnerabilities stem from flaws found in various components such as the Framework, System, MediaTek components, Widevine, Qualcomm components, and Qualcomm closed-source components.

Similarly, in Mozilla Firefox, vulnerabilities are attributed to out-of-bounds access via Range Analysis bypass and Privileged JavaScript Execution via Event Handlers.

CERT-In strongly recommended users to promptly apply appropriate updates as they become available.

Furthermore, CERT-In also alerted users to vulnerabilities present in Apple products including iPhones, MacBooks, iPads, and others. According to the agency, remote attackers could exploit this vulnerability by convincing a victim to visit a specially-crafted request.

The vulnerability in Apple products is attributed to out-of-bounds write issues in WebRTC and CoreMedia, as outlined by the cyber agency. News Desk

Related News

Latest News

Latest News