CERT-In has warned Android 13-16 users about serious security flaws that could let hackers access their devices. Users are advised to update their systems immediately.

The Indian Computer Emergency Response Team (CERT-In), working under the Ministry of Electronics and Information Technology (MeitY), has released a high-severity security advisory (CIVN-2025-0293) for Android users. The alert warns about multiple critical vulnerabilities in Google’s Android operating systems that could let attackers gain full control over affected devices.

Which Android devices are vulnerable?

According to CERT-In, these security flaws impact Android versions 13, 14, 15 and 16, meaning most modern smartphones are potentially at risk. This includes phones from top brands such as Samsung, Xiaomi, OnePlus, Realme, Vivo, Oppo, Motorola and Google Pixel.

The vulnerabilities have been traced to components developed by major chipset makers including Qualcomm, MediaTek, Broadcom, NVIDIA and UNISOC. These components are found in a wide range of Android-powered smartphones, tablets and wearables.

CERT-In revealed that the issue was discovered in the November 2025 Android Security Bulletin and could allow hackers to execute arbitrary code, install malware, steal sensitive information or even crash the system.

Why this matters and how to stay protected

The cybersecurity agency has marked the issue as 'high risk', stating that it could lead to serious consequences like data theft, unauthorised access to cloud accounts and financial loss. Devices that have not been updated recently are particularly vulnerable.

CERT-In has urged users to immediately install the latest security patches as soon as they’re made available by manufacturers. Additionally, users should:

Avoid downloading apps from third-party or unverified sources.

Enable automatic system and app updates for real-time protection.

Use Google Play Protect to regularly scan for harmful apps.

Refrain from clicking on suspicious emails, links or attachments.

Cyber experts recommend that users treat this alert seriously, as unpatched devices could be an easy target for hackers exploiting these vulnerabilities.