CERT-In Has Flagged Critical Security Flaws In Apple And Samsung Devices, Posing Potential Exploits for iPhones and iPads

The identified security flaws may expose sensitive user information to potential risks.

Apple, Samsung and other smartphone manufacturers issue timely updates and security patches to keep their devices robust against various threats and vulnerabilities. Despite regular fixes, both iOS and Android platforms could fall prey to malicious exploits. The government has issued high-risk security alerts for users of both Apple and Samsung devices. The Indian Computer Emergency Response Team (CERT-In) has flagged severe vulnerabilities in Apple and Samsung products this week. The reported vulnerabilities could put users’ sensitive information at risk.

In an advisory issued December 15, CERT-In reported multiple vulnerabilities in Apple products. These vulnerabilities affect iPhone, iPad, Mac, Apple TV, Apple Watch and Safari Web browser. According to CERT-In, iOS and iPadOS versions prior to 17.2 and 16.7.3, macOS Sonoma versions prior to 14.2, macOS Ventura versions prior to 13.6.3, macOS Monterey versions prior to 12.7.2, tvOS versions prior to 17.2, watchOS versions prior to 10.2, and Safari versions prior to 17.2 are all facing high-risk vulnerabilities.

Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges, and perform spoofing attacks on the targeted systems,

CERT-In

The nodal security agency, under the Ministry of Electronics and Information Technology (MeitY), has issued warnings regarding two vulnerabilities, CVE-2023-42916 and CVE-2023-42917, in Apple devices. These vulnerabilities pose a risk of exploitation by malicious entities, and users are advised to promptly update to the latest operating system patches.

In a separate advisory, CERT-In highlighted a vulnerability in Samsung products, particularly Android versions 11, 12, 13, and 14, posing a high risk of threats. This flaw could allow attackers to circumvent security restrictions, access sensitive user information, and execute arbitrary code on the targeted system. Samsung users are urged to update their devices with the latest OS version and security patches to mitigate these potential threats.

Last month, CERT-In had warned of multiple security vulnerabilities affecting older iPhone and iPad models. In its vulnerability note CIVN-2023-0303 issued earlier in October, CERT-In had flagged security flaws that had affected older versions of iOS and iPadOS. The vulnerabilities affected OS versions prior to iOS 16.7.1 and iPadOS 16.7.1, according to the agency.