The Government on Friday said multiple vulnerabilities have been reported in Apple products, which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions and cause denial of service (DoS) conditions, among others.

The Security Alert comes two days after Samsung users were warned of multiple vulnerabilities, highlighting critical security issues in phones running Android versions 11, 12, 13 and 14. Samsung’s flagship smartphone Galaxy S23 was in the list as it has the Android 14 update.

According to the Advisory of the Computer Emergency Response Team (CERT-in) dated December 15, the software affected in Apple products includes iOS, iPadOS , Apple watchOS and Apple Safari versions prior to 17.2.

CERT-In has defined the severity rating for these products as ‘high’ and said the vulnerabilities can include bypass authentication, gain elevated privileges and “perform spoofing attacks on the targeted system”.

According to industry sources, such advisories are based on reports from the companies and software updates are done immediately . Just like in the auto industry, recalls are done on certain parts related to safety issues and they are inspected and parts changed free of cost.

CERT-In has also issued similar advisory for multiple vulnerabilities in Adobe products.

On Wednesday (December 13), it had issued an advisory for Microsoft products where the software affected included Windows, Microsoft Office, Dynamics, Azure and System Center, which could allow an attacker to gain elevated privileges, obtain sensitive information, conduct remote code execution attacks, conduct spoofing attacks, or cause denial of service conditions.

On Thursday, the agency had flagged similar advisory for Schneider Electric products, including Trio Q-Series ethernet data radio, Trio E-Series ethernet data radio and Trio J-Series.

Related Topics
comment COMMENT NOW