India's Computer Emergency Response Team (CERT-In) has issued a high-risk warning for multiple vulnerabilities discovered in various Apple products, including iPhones, iPads, Macs, Apple Watches and others. The caution was issued just days after Apple debuted its much-anticipated iPhone series in India. The vulnerabilities affect numerous software versions, including iOS, iPadOS, macOS, watchOS and visionOS, prompting CERT-In to advise consumers to upgrade their devices right away.
The CERT-In advisory identifies many potential concerns for Apple consumers who fail to upgrade their devices. If abused, the vulnerabilities could give attackers unauthorised access to sensitive data, run random code and circumvent crucial security protections. Attackers may also induce denial-of-service (DoS) circumstances, raise privileges to manage systems and launch spoofing and cross-site scripting (XSS) assaults. iPhones, iPads, MacBooks, Apple TVs and Apple Watches running software versions prior to iOS 18 or 17.7, macOS Ventura 13.7, macOS Sonoma 14.7 and watchOS 11.
According to the advice, customers running obsolete iOS or iPadOS versions may be vulnerable to DoS attacks, information leaking and evading security protections. Meanwhile, macOS users, especially those using the most recent versions like Sonoma, Ventura and Sequoia, are warned about potential data manipulation, DoS, privilege escalation and XSS threats. Devices running tvOS and watchOS are also susceptible to DoS and information disclosure vulnerabilities, while older versions of Safari and Xcode may be vulnerable to spoofing and security breaches. VisionOS users are also warned about potential data tampering and disclosure dangers.
To mitigate risks, CERT-In recommends that all Apple customers immediately update their devices to the most recent versions of iOS, iPadOS, macOS, watchOS, visionOS and other software. Users should keep an eye on their devices for strange activity and adhere to strong cybersecurity practices, such as applying the most recent security updates.