CERT-In alerts Users to an Apple Device Security Concern

By Consultants Review Team Wednesday, 03 April 2024

A severe vulnerability has prompted the Indian Computer Emergency Response Team (CERT-In) to issue a "high-risk" warning to users of Apple's iPhones, MacBooks, iPads, and Vision Pro headsets. The flaw puts users' security at serious risk by enabling remote execution of arbitrary code by attackers.

The vulnerability, according to the CERT-In security advisory, affects a variety of Apple hardware and software, including versions of Safari for Mac OS X before 17.4.1, versions of macOS Ventura before 13.6.6, versions of macOS Sonoma before 14.4.1, versions of visionOS before 1.1.1, versions of iOS and iPadOS before 17.4.1, and versions of iOS and iPadOS before 16.7.7.

Certain models that are vulnerable to the vulnerability have been identified by CERT-In. There is a danger for users of the iPhone XS, iPad Air, iPad Mini, iPad Pro 12.9-inch, iPad Pro 10.5-inch, and iPad Pro 11-inch. Also at risk if their devices are not updated are owners of the iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.

The vulnerability's significance has also been noted by CERT-In, which says that it "poses a significant threat as it empowers remote attackers to execute arbitrary code on the targeted systems." In order to defend against such attacks, users must act immediately by upgrading their devices and taking CERT-In's preventative procedures.

Under the Ministry of Electronics and Information Technology, CERT-In is the nodal organization in India for cyber security incidents.

Current Issue