Apple devices including iPhone, iPad, Apple Watch, Mac and more running on older software could be vulnerable to multiple security vulnerabilities, according to the Indian Computer Emergency Response Team (CERT-In). The cybersecurity agency has termed the vulnerabilities as “high severity” and urged users to install the latest security updates from the company to prevent potential cyberattacks by malicious parties. Specifically, the vulnerabilities were discovered in software versions older than iOS 17.6, iPadOS 16.7. 9, watchOS 10.6, and macOS Sonoma 14.6, Ventura 13.6. 8 and Monterey 12.7. 6.
Cert-In provides advice for Apple devices
In a advisory Released on Friday (August 2), the cybersecurity agency highlighted multiple security holes discovered in older software versions for various Apple devices. These vulnerabilities could reportedly allow attackers to attack users in a variety of ways.
“Multiple vulnerabilities have been reported in Apple products that could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial-of-service (DoS), and conduct spoofing attacks on the targeted system,” Cert-In said.
The nodal agency, which falls under the Ministry of Electronics and Information Technology (MeitY), also shared a long list of vulnerabilities that have been labeled as common vulnerabilities and exposures (CVE). The complete list of vulnerable software versions is shared below.
- Apple iOS versions before 17.6 and iPadOS versions before 17.6
- Apple iOS versions before 16.7.9 and iPadOS versions before 16.7.9
- Apple macOS Sonoma versions prior to 14.6
- Apple macOS Ventura versions prior to 13.6.8
- Apple macOS Monterey versions prior to 12.7.6
- Apple watchOS versions prior to 10.6
- Apple tvOS versions prior to 17.6
- Apple visionOS versions prior to 1.3
- Apple Safari versions prior to 17.6
To prevent potential cyberattacks, users are urged to update their devices with the latest security patches from Apple. For a detailed list, users can visit the support page.
A similar warning was issued by Cert-In in March when the agency found several security vulnerabilities in Android 12 (and 12L), Android 13, and Android 14. These vulnerabilities reportedly affected the Android operating system “Framework, System, AMLogic, Arm components, MediaTek components, Qualcomm components, and Qualcomm closed-source components.”
