Tech
Is your iPhone safe? India’s cybersecurity agency flags ‘high-risk’ flaws in Apple products
India’s top cybersecurity agency has warned of high risk to Apple users citing several vulnerabilities it found in multiple products. Computer Emergency Response Team-India (CERT-In) issued an alert on September 19 highlighting security concerns across several Apple software platforms like iOS, iPadOS, macOS, watchOS, and visionOS. The warning came as the US tech giant rolled out Apple’s iPhone 16 series globally.
According to the cybersecurity agency, following Apple products and software versions are at the highest risk.
-iOS: Versions prior to 18 and 17.7
– iPadOS: Versions prior to 18 and 17.7
– macOS Sonoma: Versions prior to 14.7
– macOS Ventura: Versions prior to 13.7
– macOS Sequoia: Versions prior to 15
– tvOS: Versions prior to 18
– watchOS: Versions prior to 11
– Safari: Versions prior to 18
– Xcode: Versions prior to 16
– visionOS: Versions prior to 2
The CERT-In has warned that if vulnerabilities are not addressed, they could allow potential attackers to gain access to sensitive information on these devices, execute arbitrary code on the device, bypass critical security restrictions, cause denial-of-service (DoS) conditions, elevate privileges to gain control over the system, perform spoofing attacks and engage in cross-site scripting (XSS) attacks.
The CERT has also listed potential impacts on Apple products if the high-risk loopholes are not fixed.
– iOS and iPadOS: Users with iOS versions prior to 18 or 17.7 could face DoS attacks, information disclosure, and security restriction bypassing.
– macOS (Sonoma, Ventura, Sequoia): Users running older versions of macOS may experience data manipulation, DoS, privilege elevation, and cross-site scripting.
– tvOS and watchOS: These products face similar risks of DoS attacks, XSS vulnerabilities, and information disclosure.
– Safari and Xcode: Older versions could be vulnerable to spoofing and security restriction bypassing.
– visionOS: Users may be at risk of data manipulation, DoS, and information disclosure.
The agency has advised all Apple users to install the latest software update on their devices and mitigate risks. It has also asked users to be vigilant about any unauthorised activity on their devices and ensure proper security measures are in place.
(With inputs from agencies)