A warning has been issued regarding the high security risks associated with various Apple products in the Indian market. On September 19, the country’s Computer Emergency Response Team (CERT-In) released this advisory.
The warning highlights multiple “high-risk” vulnerabilities in Apple’s software, including iOS, iPadOS, macOS, watchOS, and visionOS. These security flaws in iPhones may allow potential attackers to gain access to sensitive information and bypass restrictions.
By exploiting these vulnerabilities across various devices, a cyber attacker could potentially cause the following damages:
- Unauthorized access to sensitive information on the device.
- Inject arbitrary code into the system.
- Circumvent security restrictions.
- Create a denial-of-service (DoS) condition.
- Take control of the system.
- Conduct spoofing attacks.
- Carry out cross-site scripting (XSS) attacks.
Products facing security risks:
- iOS: Versions prior to iOS 18 and 17.7
- iPadOS: Versions prior to iPadOS 18 and 17.7
- macOS Sonoma: Versions prior to Sonoma 14.7
- macOS Ventura: Versions prior to Ventura 13.7
- macOS Sequoia: Versions prior to Sequoia 15
- tvOS: Versions prior to tvOS 18
- watchOS: Versions prior to watchOS 11
- Safari: Versions prior to Safari 18
- Xcode: Versions prior to Xcode 18
- visionOS: Versions prior to visionOS 2
Steps to avoid security risks:
In light of these security risks, CERT-In advises users to update the operating systems of their Apple devices. Users are also encouraged to regularly monitor their devices for any abnormal activity and ensure that their cybersecurity measures are active and effective, as outlined in the advisory.
