CERT-In warns Apple users of security flaws
What's the story
India's national cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a warning for users of Apple devices. The advisory highlights several newly discovered security vulnerabilities in iPhones, iPads, Mac computers and other products in Apple's ecosystem. These flaws could be exploited by attackers to gain unauthorized access to sensitive data or disrupt normal device operations if not patched in time.
Risk exposure
Vulnerabilities affect multiple Apple software platforms
The vulnerabilities flagged by CERT-In affect a range of Apple software platforms, including older versions of iOS, iPadOS, macOS, tvOS, visionOS and the Safari browser. These flaws could be exploited by attackers to gain elevated system privileges or access confidential information. They could also bypass security controls or trigger denial-of-service situations that affect normal device functioning.
Targeted software
CERT-In lists specific vulnerable software versions
CERT-In has listed specific vulnerable software versions, including older releases of iPadOS on select iPad models. The agency also flagged several Common Vulnerabilities and Exposures (CVE) identifiers associated with these flaws, including issues related to information disclosure and security restriction bypass mechanisms. Users running outdated macOS versions on their Mac devices may also remain vulnerable if recent security patches have not been installed.
Update recommendation
Users urged to update devices promptly
CERT-In has urged users of affected Apple devices to update their devices to the latest software versions released by the company. These updates include security patches designed to address the identified flaws and strengthen device protections. The agency also advised users to ensure Safari and other Apple software components are updated regularly, as outdated applications with known security loopholes are often targeted by attackers.
Affected devices
Advisory covers a range of Apple products
The CERT-In advisory covers a wide range of Apple products, including iPhones, iPads, Macs and Apple Watches. It affects both newer and older devices such as the latest iPhone 17 series as well as older models like iPhone 11, X, 8 and 7. Even recent versions of iPads and Macs are not spared from these vulnerabilities.