Teen Researcher Exposes Security Flaws in Government Exam Platform Used by 1.8 Million Students in India
Vulnerabilities in its OnMark digital grading platform disclosed critical laws affecting a system used by 1.8 million students.
New Delhi | EcoPulse24
India's national school examination authority has acknowledged security vulnerabilities in its digital grading platform after a teenage cybersecurity researcher disclosed weaknesses that could have potentially affected one of the country's most important academic assessment systems.
The incident has intensified scrutiny over the security of government digital infrastructure and raised broader questions about the resilience of education technology platforms used by millions of students.
The Central Board of Secondary Education (CBSE), one of India's largest school examination bodies, oversees exams taken by approximately 1.8 million students each year. The exams play a critical role in determining access to higher education across the country.
Digital Grading Platform Comes Under Scrutiny
At the center of the controversy is OnMark, a digital grading platform introduced this year to allow teachers to evaluate scanned copies of student answer sheets electronically rather than through traditional paper-based marking.
The issue first gained public attention after students reported discrepancies between their original physical answer sheets and the digital versions provided during requests for reevaluation.
The concerns escalated when teenage cybersecurity researcher Nisarga Adhikary published findings indicating that the platform contained multiple vulnerabilities that could potentially allow unauthorized access to examiner accounts and interfere with the grading process.
Five Critical Vulnerabilities Reported
According to Adhikary, five critical security vulnerabilities were disclosed to India's Computer Emergency Response Team (CERT-In) on February 25.
The researcher said the vulnerabilities could have potentially enabled attackers to:
-
Access examiner accounts
-
Disrupt digital grading operations
-
Manipulate workflow processes
-
Escalate user privileges within the platform
While there is no evidence that grades were altered or that the system was compromised, the findings triggered widespread debate over the security of digital education infrastructure.
Authorities Move to Contain Risks
In response, CBSE said it had been closely monitoring the reported vulnerabilities and confirmed that identified weaknesses had been contained.
The board stated that cybersecurity specialists from government agencies and leading engineering institutions were deployed to strengthen the platform's security architecture and migrate systems to a more secure environment.
Officials emphasized that no confirmed breach of the grading platform had been detected and that there was no evidence of unauthorized manipulation of student results.
Political Pressure Builds
The controversy arrives only weeks after India's education sector faced another major setback when authorities annulled a national medical entrance examination following an investigation into irregularities.
The latest incident has increased pressure on Prime Minister Narendra Modi's administration, with opposition leader Rahul Gandhi calling for a court-led inquiry into contracts awarded to the external agency responsible for operating and maintaining the grading platform.
Key Facts
| Indicator | Value |
|---|---|
| Students Taking the Exam | 1.8 Million |
| Exam Authority | CBSE |
| Platform Name | OnMark |
| System Type | Digital Grading Platform |
| Vulnerabilities Reported | 5 Critical Flaws |
| Initial Disclosure Date | February 25, 2026 |
| Official Response | Vulnerabilities Contained |
EcoPulse24 Analysis
The incident highlights a growing challenge facing governments worldwide as critical public services migrate to digital platforms.
Education systems, healthcare networks, financial services, and government portals increasingly depend on interconnected digital infrastructure. While these technologies improve efficiency and accessibility, they also create new cybersecurity risks capable of affecting millions of citizens.
In India's case, the issue extends far beyond a grading platform.
The system supports a high-stakes examination process that influences university admissions and academic outcomes for nearly two million students. Even the perception of vulnerability can undermine public confidence in the integrity of the system.
The episode also underscores the increasingly important role of independent cybersecurity researchers in identifying weaknesses before malicious actors can exploit them.
For governments pursuing digital transformation, the lesson is clear: building digital infrastructure is only the first step. Sustained investment in cybersecurity, vulnerability testing, and independent security reviews is essential to maintaining trust in critical national systems.
Sources & References
Editorial Note
Disclaimer
© 2025 EcoPulse24. All rights reserved.