The Indian Computer Emergency Response Team (CERT-In) has issued a warning for users of Apple devices. The advisory highlights multiple security vulnerabilities across Apple's product ecosystem, including iPhones, iPads, Macs, Apple Watches, and more. CERT-In recommends that users update their devices immediately to avoid potential risks associated with these vulnerabilities.

Device impact Devices running older software versions at risk The vulnerabilities flagged by CERT-In affect multiple generations of iPhones, iPads, Macs, Watches, and visionOS devices. These issues are particularly concerning for users on older software versions. The affected versions include iPhones running iOS versions before 18.6; iPads before iPadOS 17.7.9/18.6; and Macs using macOS versions older than Sequoia 15.6, Sonoma 14.7.7, or Ventura 13.7.7, Apple Watch on watchOS versions earlier than 11.6, and Apple TV and Vision Pro devices running tvOS or visionOS before version 18.6/2.6 also at risk.

Risk assessment Vulnerabilities could lead to unauthorized access, data theft CERT-In has flagged a range of technical issues, including buffer overflows, use-after-free bugs, improper input validation, and logic errors. These vulnerabilities could allow attackers to gain unauthorized access, execute arbitrary code, steal or modify sensitive data. They could also elevate privileges or launch denial-of-service (DoS) attacks. The threats can be exploited remotely through specially crafted requests or files.