Outlook Business Desk
A fresh security warning in India has raised concerns for millions of Android users and device makers as critical vulnerabilities could expose sensitive data, disrupt services and leave systems open to hacking risks.
A latest alert from Indian Computer Emergency Response Team (CERT-In) this month flags serious risks, warning that attackers could access sensitive data or trigger denial of service conditions, affecting both individual users and organisations dependent on Android devices.
Unlike earlier warnings tied to specific versions, this threat impacts Android at the kernel level, making it more severe as the flaw sits deep within the system architecture and could affect a broader range of devices and users.
The warning focuses on flaws in OpenSSL versions integrated into Android apps, which attackers can exploit at a critical level, increasing the risk of data exposure and system compromise across multiple devices.
CERT-In stated that multiple vulnerabilities exist due to flaws linked with Android bug IDs and references from Qualcomm, MediaTek, NVIDIA, Broadcom and UNISOC, showing the issue spans across several hardware and software ecosystems
The vulnerabilities mainly impact OpenSSL versions 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2, making a wide range of applications and systems potentially exposed to exploitation by attackers.
While users may find it difficult to identify affected versions, Google has advised installing the latest March 2026 update on Android devices to reduce risks and strengthen protection against these critical vulnerabilities.