CERT-In Issues Advisory on Vulnerabilities Affecting iPhones, iPads, and Macs

The Ministry of Electronics and Information Technology has issued a warning regarding security threats to Apple products, including iPhones, Macs, and Apple Watches. The Indian Computer Emergency Response Team (CERT-In) has released an advisory identifying multiple vulnerabilities in Apple devices that are still operating on outdated software versions. Classified as "High Severity," the advisory highlights that these vulnerabilities could enable attackers to access sensitive information, execute arbitrary code, bypass security restrictions, or circumvent authentication measures.

The warning pertains to iPhones operating on iOS versions prior to iOS 18 or iOS 17.7, iPads using iPadOS versions before iPadOS 18 or iPadOS 17.7, Macs with outdated macOS versions, and Apple Watches running watchOS versions earlier than watchOS 11. Additionally, vulnerabilities have been identified in older versions of tvOS, the Safari browser, and Xcode software for developers. Although Apple has not yet released its Vision Pro mixed-reality headset in India, CERT-In has also highlighted potential risks for devices running older versions of visionOS.

Here is the complete list of affected software:

- Apple iOS versions prior to 18 and iPadOS versions prior to 18

- Apple iOS versions prior to 17.7 and iPadOS versions prior to 17.7

- Apple macOS Sonoma versions prior to 14.7

- Apple macOS Ventura versions prior to 13.7

- Apple macOS Sequoia versions prior to 15

- Apple tvOS versions prior to 18

- Apple watchOS versions prior to 11

- Apple Safari versions prior to 18

- Apple Xcode versions prior to 16

- Apple visionOS versions prior to 2

CERT-In advises that these vulnerabilities have been addressed in the latest software updates, and users should upgrade to the most recent versions to enhance security and avoid breaches.