Update now! CERT-In warns of critical vulnerabilities in Apple devices
What's the story
India's Computer Emergency Response Team (CERT-In) has issued a high-severity advisory, urging Apple users to update their devices immediately. The warning comes after multiple security vulnerabilities were discovered in Apple's software ecosystem. The advisory covers a wide range of Apple products, including iPhones, iPads, Macs, Apple Watches, and TVs.
Risk assessment
Vulnerabilities could be exploited by attackers
CERT-In's advisory (CIAD-2025-0054) highlights several vulnerabilities in Apple operating systems that could be exploited by attackers. These flaws could allow threat actors to run arbitrary code, gain elevated privileges, bypass security restrictions, access sensitive user data or even cause system crashes and denial-of-service conditions. The issue has been classified as high severity due to the potential risk it poses for individual and organizational users of unpatched devices.
Impacted products
Affected Apple devices and software versions
The vulnerabilities affect Apple software versions released before the latest updates. This includes iOS and iPadOS versions below 26.2 and 18.7.3 respectively; macOS Tahoe versions prior to 26.2, macOS Sequoia versions prior to 15.7.3, and macOS Sonoma versions prior to 14.8.3; tvOS, watchOS, visionOS all below version number of 26; Safari versions prior to the latest release are also at risk.
Potential consequences
Exploitation could lead to data disclosure, system compromise
CERT-In warns that successful exploitation of these vulnerabilities could lead to sensitive information disclosure, memory corruption, spoofing attacks or complete system compromise. For enterprise users, this could also result in service disruptions and broader network risks. Given the wide use of Apple devices for personal communication, payments and work-related tasks, delayed updates only increase exposure to cyberattacks like malware propagation and unauthorized access.
Update advice
CERT-In recommends immediate software updates
CERT-In recommends all users to immediately install the latest software updates released by Apple across affected devices. These updates include security patches designed to fix the reported vulnerabilities. Users can update their devices by going into the software update section in system settings on iPhone, iPad, Mac, Apple Watch, and Apple TV. Safari users on Mac should ensure they are running the latest supported browser version too!
Target audience
Advisory applies to individuals and organizations alike
The advisory applies to both individual consumers and organizations using Apple hardware. CERT-In specifically highlights that users handling sensitive data or managing enterprise systems should prioritize these updates to reduce security risks. In short, keeping Apple devices updated is not just about new features—it is a necessary step to protect personal data, system integrity, and digital security from potential cyber threats.