The CERT has issued an advisory for iPhone and other Apple devices users, flagging ‘multiple vulnerabilities’ in the company’s software which could put a user’s data at risk.
The Indian Computer Emergency Response Team (CERT-In) has flagged ‘multiple vulnerabilities’ in iPhones and other Apple devices such as iPads, macOS and the watchOS, which could allow an attacker to bypass the device’s security and gain access to the user’s sensitive information.
“Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) and perform spoofing attacks on the targeted system,” the central agency said in a advisory issued on August 2.
As per CERT advisory, the vulnerabilities are present in the iOS, iPadOS, as well as some macOS versions, and older versions of Apple’s Safari web browser.
Here are the affected Apple OS versions, according to CERT:
- iOS versions below 17.6
- iPadOS below 16.7.9
- macOS Sonoma versions below 14.6
- macOS Ventura versions prior to 13.6.8
- macOS Monterey below 12.7.6
- watchOS versions below 10.6
- tvOS versions prior to 17.6
- visionOS below 1.3
Additionally, the vulnerabilities are also present in the Safari web browser versions lower than 17.6, the CERT advisory informed while urging users to apply all the software patches recommended by Apple to mitigate these security risks.
Notably, Apple is yet to confirm any security risks which have been flagged by CERT.
Earlier, in May this year, the central government agency had issued a similar warning for users of iPhone and other Apple devices, flagging a critical vulnerability which could allow attackers access to a user’s data via “remote code execution”.