This flaw affects Android 13, 14, 15, and 16.

Android Users in India at Risk: Government Issues High Alert

The Indian Computer Emergency Response Team (CERT-In) has issued a high alert for Android smartphone users in India after identifying a critical zero-click vulnerability tracked as CVE-2025-48593.

This flaw affects Android 13, 14, 15, and 16. It allows hackers to exploit devices remotely without any sort of user interaction. It is a huge concern for exposing personal data, chats, and system access. As per experts, this kind of “zero-click” exploit is rare and extremely dangerous because users don’t need to tap or download anything for the potential threat.

Warning

According to CERT-In advisory CIVN-2025-0293, the vulnerability stems from improper input validation in Android’s System component. If exploited, it could allow attackers to run malicious code, gain elevated privileges, or disrupt services.

Google’s November 2025 Security Bulletin confirms that no active exploitation has been detected yet, and it urges users to patch devices immediately. Samsung, Xiaomi, OnePlus, Realme, Vivo, Oppo, Motorola, and Google Pixel have started rolling out updates.

Users should check their device’s patch level under

Settings → About Phone → Security Patch Level
and ensure that it reads November 1, 2025, or newer.

Wider Cybersecurity Context

India is home to one of the world’s largest Android user bases. It has seen a steady rise in mobile cyber threats. Zero-click vulnerabilities like this one allow silent breaches that can lead to data theft, ransomware, or remote surveillance. Past campaigns, including the 2025 LANDFALL spyware incident, show how quickly unpatched devices can be exploited.

How to Stay Safe

CERT-In and cyber security experts advise:

Regular Update: Install the November 2025 patch.

Avoid unofficial apps and third-party stores.

Enable Google Play Protect and automatic updates.

Use secure Wi-Fi or a trusted VPN.

Watch for warning signs like sudden battery drain or high data use.

This alert is a reminder that digital safety is a shared responsibility. Timely updates and cautious behaviour are the simplest measures against a fast-evolving cyber landscape.