‘Remote attacker…’: Centre issues warning on Apple iOS & Ipad OS

Published on Oct 26, 2022 05:00 PM IST

The Indian Computer Emergency Response System (CERT-IN), an agency under the ministry of electronics and information technology has issued a ‘High’ severity warning for Apple iOS and iPadOS users.

The Centre said a remote attacker could exploit these vulnerabilities by persuading a victim to open a specially crafted file or application
The Centre said a remote attacker could exploit these vulnerabilities by persuading a victim to open a specially crafted file or application

The Centre on Wednesday warned users of Apple iOs and iPadOS against multiple vulnerabilities in the two operating systems which could help a remote attacker gain access to sensitive information, execute arbitrary code , spoof interface address or deny service conditions on the targeted systems.

The Indian Computer Emergency Response Team (CERT-IN) a nodal agency under the ministry of electronics and information technology, said the vulnerabilities existed in Apple iOS and iPadOS due to improper security restrictions in AppleMobileFileIntegrity component, improper bounds check in AVEVideoEncoder component, improper validation in CFNetwork component, improper entitlement in CoreBluetooth component to name a few.

“A remote attacker could exploit these vulnerabilities by persuading a victim to open a specially crafted file or application. Successful exploitation of these vulnerabilities could allow the attacker to gain access to sensitive information, execute arbitrary code, spoof interface address or deny service conditions on the targeted systems”, CERT-IN said in the advisory.

The CERT-IN has recommended applying proper security updates to stay protected.

Here are the softwares which are affected as per this warning of high severity.

Apple iOS 16.1 and iPadOS versions prior to 16

1) iPhone 8 and later

2) iPad Pro (all models)

3) iPad Air 3rd generation and later

4) iPad 5th generation and later

5) iPad mini 5th generation and later

On September 14, the CERT-IN had issued another warning to select Apple users over multiple vulnerabilities 'which could allow an attacker to ‘gain elevated privileges, execute arbitrary code, disclose sensitive information and bypass security restriction on the targeted system’.

SHARE THIS ARTICLE ON
  • ABOUT THE AUTHOR

    Multimedia journalist with over nine years of experience in print, television and digital media. Books, politics and cinema are an inseparable part of life.

SHARE
Story Saved
OPEN APP
×
Saved Articles
Following
My Reads
My Offers
Sign out
New Delhi 0C
Monday, February 06, 2023
Start 15 Days Free Trial Subscribe Now
Register Free and get Exciting Deals