IndiaNews

Centre Warns Of “High” Risk Security Flaws In iPhones, Other Apple Products | EnvoyPost

Days after Apple launched its highly anticipated iPhone 16 series, the Indian Computer Emergency Response Team (CERT-In) has issued a high-risk warning concerning multiple vulnerabilities found in several Apple products. The advisory, issued on September 19, affects a wide range of Apple software versions, including iOS, iPadOS, macOS, watchOS and visionOS.

Affected Products

CERT-In’s advisory outlines the affected Apple products as follows:

iOS: Versions prior to 18 and 17.7
iPadOS: Versions prior to 18 and 17.7
macOS Sonoma: Versions prior to 14.7
macOS Ventura: Versions prior to 13.7
macOS Sequoia: Versions prior to 15
tvOS: Versions prior to 18
watchOS: Versions prior to 11
Safari: Versions prior to 18
Xcode: Versions prior to 16
visionOS: Versions prior to 2

Key Risks and Impacts

The vulnerabilities are rated as “high” risk and, if exploited, could allow attackers to:

Gain unauthorised access to sensitive information
Execute arbitrary code on the device
Bypass critical security restrictions
Cause denial-of-service (DoS) conditions
Elevate privileges to gain control over the system
Perform spoofing attacks
Engage in cross-site scripting (XSS) attacks

Potential Impacts by Product

iOS and iPadOS: Users with iOS versions prior to 18 or 17.7 could face DoS attacks, information disclosure, and security restriction bypassing.
macOS (Sonoma, Ventura, Sequoia): Users running older versions of macOS may experience data manipulation, DoS, privilege elevation, and cross-site scripting.
tvOS and watchOS: These products face similar risks of DoS attacks, XSS vulnerabilities, and information disclosure.
Safari and Xcode: Older versions could be vulnerable to spoofing and security restriction bypassing.
visionOS: Users may be at risk of data manipulation, DoS and information disclosure.

CERT-In Recommendations

The advisory urges users to update their Apple devices to the latest versions of software to mitigate the risks. Users are also advised to monitor their devices for any unusual activity and ensure proper cybersecurity measures are in place.

Related Articles

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker