News Brief

Indian Cybersecurity Agency Warns Of 'High-Risk' Multiple Vulnerabilities In iPhones, Other Apple Products

Kuldeep NegiSep 22, 2024, 01:38 PM | Updated 01:38 PM IST
Apple

Apple


Days after the release of Apple's iPhone 16 series, the Indian Computer Emergency Response Team (CERT-In), India's cybersecurity agency, has issued a high-risk warning concerning multiple vulnerabilities found in several Apple products.

This advisory, issued on 19 September, highlights security concerns across several Apple software platforms like iOS, iPadOS, macOS, watchOS, and visionOS.

According to the advisory, the following Apple products and software versions are vulnerable:

- iOS: Versions prior to 18 and 17.7

- iPadOS: Versions prior to 18 and 17.7

- macOS Sonoma: Versions prior to 14.7

- macOS Ventura: Versions prior to 13.7

- macOS Sequoia: Versions prior to 15

- tvOS: Versions prior to 18

- watchOS: Versions prior to 11

- Safari: Versions prior to 18

- Xcode: Versions prior to 16

- visionOS: Versions prior to 2

The listed vulnerabilities, classified as “high-risk", if exploited could allow attackers to:


- Execute arbitrary code on the device

- Bypass critical security restrictions

- Cause denial-of-service (DoS) conditions

- Elevate privileges to gain control over the system

- Perform spoofing attacks

- Engage in cross-site scripting (XSS) attacks

Potential impact on various products:

- iOS and iPadOS: Users with iOS versions prior to 18 or 17.7 could face DoS attacks, information disclosure, and security restriction bypassing.

- macOS (Sonoma, Ventura, Sequoia): Users running older versions of macOS may experience data manipulation, DoS, privilege elevation, and cross-site scripting.

- tvOS and watchOS: These products face similar risks of DoS attacks, XSS vulnerabilities, and information disclosure.

- Safari and Xcode: Older versions could be vulnerable to spoofing and security restriction bypassing.

- visionOS: Users may be at risk of data manipulation, DoS, and information disclosure.

CERT-In has advised all Apple users to update their devices to the latest software versions to mitigate potential risks. It also recommends users to monitor their devices for any unusual activity and ensure proper cybersecurity measures are in place.

Join our WhatsApp channel - no spam, only sharp analysis