Apple devices, including the iPhone, iPad, Apple Watch, Mac and more running on older software could be vulnerable to multiple security flaws, said the Indian Computer Emergency Response Team (CERT-In). The cybersecurity agency has called the vulnerabilities ‘high severity’ and urged users to install the latest security updates by the company to avoid any potential cyberattacks by bad actors. Notably, these security flaws were discovered in software versions older than iOS 17.6, iPadOS 16.7.9, watchOS 10.6, and macOS Sonoma 14.6, Ventura 13.6.8, and Monterey 12.7.6.
Cert-In Issues Advisory for Apple Devices
In an advisory issued on Friday (August 2), the cybersecurity agency highlighted multiple security flaws that were detected in older software versions for various Apple devices. These vulnerabilities can reportedly allow bad actors to attack users in different ways.
“Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) and perform spoofing attacks on the targeted system,” said Cert-In.
The nodal agency, which comes under the Ministry of Electronics and Information Technology (MeitY), also shared a long list of vulnerabilities labelled as common vulnerabilities and exposures (CVE). The full list of vulnerable software versions is shared below.
- Apple iOS versions prior to 17.6 and iPadOS versions prior to 17.6
- Apple iOS versions prior to 16.7.9 and iPadOS versions prior to 16.7.9
- Apple macOS Sonoma versions prior to 14.6
- Apple macOS Ventura versions prior to 13.6.8
- Apple macOS Monterey versions prior to 12.7.6
- Apple watchOS versions prior to 10.6
- Apple tvOS versions prior to 17.6
- Apple visionOS versions prior to 1.3
- Apple Safari versions prior to 17.6
To avoid any potential cyberattacks, users are urged to update their devices with the latest security patches provided by Apple. For a detailed list, users can check the company’s support page.
A similar warning was given by Cert-In in March when the agency found several security flaws in Android 12 (and 12L), Android 13, and Android 14. These vulnerabilities reportedly affected the Android operating system’s “Framework, System, AMLogic, Arm components, MediaTek components, Qualcomm components & Qualcomm closed-source components.”