CERT-In Warns Users of Multiple Bugs in Android and Mozilla Firefox Web Browser

As per the advisory, 'Android 12, 12L, 13, 14', and 'Mozilla Firefox versions prior to 124.0.1 and Mozilla Firefox ESR versions before 115.9.1' are the affected software versions, respectively.

Android, Mozilla Firefox Web Browser, CERT-In Logo (Photo Credits: Wikimedia Commons)

New Delhi, April 3: The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, on Wednesday warned users of multiple vulnerabilities in Android and Mozilla Firefox web browsers which could allow an attacker to obtain sensitive information, execute arbitrary code and cause Denial-of-Service conditions on the targeted system.

As per the advisory, 'Android 12, 12L, 13, 14', and 'Mozilla Firefox versions prior to 124.0.1 and Mozilla Firefox ESR versions before 115.9.1' are the affected software versions, respectively. "Successful exploitation of these vulnerabilities could allow the attacker to obtain sensitive information, gain elevated privileges and cause a denial-of-service condition on the targeted system," said the CERT-In advisory. UPI Transactions Witnessed Staggering 56% Growth in Second Half of 2023 With 65.77 Billion Volume: Report.

In Android, these vulnerabilities exist due to flaws in the Framework, System, MediaTek components, Widevine, Qualcomm components and Qualcomm closed-source components. In Mozilla Firefox, these vulnerabilities exist due to out-of-bounds access via Range Analysis bypass and Privileged JavaScript Execution via Event Handlers. X New Feature Update: Elon Musk Activates Community Notes Feature in India Ahead of Lok Sabha Elections 2024.

The cyber agency advised users to apply appropriate updates when available. Meanwhile, CERT-In has warned users of vulnerability in Apple products such as iPhones, MacBooks, iPads, and others. According to the cyber agency, a remote attacker could exploit this vulnerability by persuading a victim to visit specially-crafted request. This vulnerability exists in Apple Products due to out-of-bounds write issues in WebRTC and CoreMedia, it added.

(The above story first appeared on LatestLY on Apr 04, 2024 11:53 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).

Share Now

Share Now