CERT-in Warns Of High-Risk Security Flaws In Apple Products

CERT-in has given the vulnerabilities in Apple devices a severity rating of “High”.

Written by Nithya P Nair, Edited by Siddharth Suvarna | Updated: 30 January 2025 15:34 IST

CERT-in Warns Of High-Risk Security Flaws In Apple Products

Photo Credit: Apple

The vulnerabilities affects Apple devices running older versions of iOS, iPadOS, and macOS

Highlights

CERT-in has found multiple security flaws in Apple operating systems
The advisory affects a wide range of Apple products
The advisory was issued on January 28

Indian Computer Emergency Response Team (CERT-In) has issued a warning to Apple users concerning multiple vulnerabilities found in iPad, Mac and other models. The advisory was issued this week after the government agency discovered many security flaws in the operating system that powers Apple's tablets, iPhone models and laptops among others. These vulnerabilities, if exploited, could allow attackers to access sensitive information from the systems.

CERT-in Issues Advisory Related to Vulnerabilities in Apple Devices

In an advisory dated January 28, CERT-In states that multiple vulnerabilities have been reported in Apple products. This could allow the attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges, data manipulation and perform spoofing attacks on the targeted system.

CERT-In's advisory outlines the affected Apple products — Apple macOS Sequoia versions before 15.3, macOS Sonoma versions before 14.7.3, macOS Ventura versions before 13.7.3, and iPadOS versions before 17.7.4.

Apple's AR Glasses to Come With New Version of visionOS: Report

The iOS, tvOS and iPadOS versions prior to 18.3, visionOS versions prior to 2.3, Safari Versions before 18.3 and watchOS versions prior to 11.3 are also said to be affected by these vulnerabilities. The vulnerabilities are rated as "high risk".

The government agency states that the identified vulnerabilities stem from null pointer dereference, type confusion error, use after free error, out-of-bounds read, out-of-bounds write, handling of files, parsing a file, input validation, user-sensitive data, and more. The nodal agency notes that one of the reported vulnerabilities — CVE-2025-24085 — is a critical one and is actively exploited. It affects Apple devices running older versions of iOS, iPadOS, and macOS.

The advisory recommends users update their Apple devices to the latest versions of software to mitigate the risks. The government advisory comes a few days after Apple released its latest software update for iPhone, iPad and Mac users.

iOS 18.4 Could Be Released in April With These Upgrades

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Indian Computer Emergency Response Team, iPad, Apple, iOS, CERT In

Nithya P Nair

Email Nithya P Nair

Nithya P Nair is a journalist with more than five years of experience in digital journalism. She specialises in business and technology beats. A foodie at heart, Nithya loves exploring new places (read cuisines) and... more »