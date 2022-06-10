Image used for representative purpose only.

After releasing a high-severity warning for users of Google Chrome operating system and Mozilla products, the Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has issued a new advisory for Android smartphone users. The warning from the government's cybersecurity team is for the people who use UNISOC chipset based Android smartphones.

As per CERT-In, a vulnerability has been reported in Android smartphones powered by UNISOC chipset. The vulnerability can be exploited by a remote attacker to execute arbitrary code and perform denial of service on the targeted device.

What CERT-In has to say about the vulnerability

According to CERT-In, the vulnerability exists in UNISOC smartphones chipset due to buffer overflow in the component that handles Non-Access Stratum (NAS) messages in the modern firmware. An attacker can send a malformed packet that would reset the modem, depriving the user of the possibility of communication.

The agency has specially mentioned that vulnerability is in the modem firmware and not in the Android operating system. Exploitation of the bug can allow a cybercriminal to perform denial of service (DoS) on the targeted device.

What is a DoS attack and how it is dangerous

In simple terms, a DoS attack is a cybersecurity threat that occurs when a malicious code tries to make a device or network resource impossible to access. This means that you will not be able to use your smartphone if it is under a DoS attack. It is worth noting that in most cases, the DoS attack does not result in theft or loss of personal information that is stored on your smartphone.

CERT-In suggests that users of Android smartphones with UNISOC chipsets should immediately appropriate updates mentioned by the vendor.