Comments
The Indian Computer Emergency Response Team (CERT-In) has warned of multiple vulnerabilities in Apple’s iPhone and iPad. The vulnerability could allow a remote attacker to gain access to sensitive information, execute arbitrary code, copy the interface address, or deny service conditions on the targeted device.
The government agency advised users to apply necessary software updates as mentioned in the Apple Security updates.
As per the CERT-In advisory, Apple iOS 16.1, Apple iOS versions prior to 16.0.3 and iPadOS versions before 16 are affected by the vulnerability – CVE-2022-42827. Other devices impacted include Apple iPhone 8 and later, iPad Pro Call models), iPad Air 3rd generation , iPad 5th generation and later, and iPad mini 5th generation and later.
Reasons why vulnerabilities exist in Apple iOS and iPadOS include
- Improper security restrictions in AppleMobileFileIntegrity component
- Improper bounds check in Avevideoencoder component; Improper validation in CrNetwork component
- Improper entitlement in Core Bluetooth component
- Improper memory handling in GPU Drivers component
- Memory corruption issue in the IOHIDFamily component
- Improper security restrictions and Improper path validation in the Sandbox component
- Improper UI handling, Type confusion and Logic issues in the Webkit component
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.