Apple, Samsung and different smartphone producers challenge well timed updates and safety patches to maintain their units strong in opposition to varied threats and vulnerabilities. Despite common fixes, each iOS and Android platforms might fall prey to malicious exploits. The authorities has issued high-risk safety alerts for customers of each Apple and Samsung units. The Indian Computer Emergency Response Team (CERT-In) has flagged extreme vulnerabilities in Apple and Samsung merchandise this week. The reported vulnerabilities might put customers’ delicate info in danger.
In an advisory issued December 15, CERT-In reported a number of vulnerabilities in Apple merchandise. These vulnerabilities have an effect on iPhone, iPad, Mac, Apple TV, Apple Watch and Safari Web browser. According to CERT-In, iOS and iPadOS variations previous to 17.2 and 16.7.3, macOS Sonoma variations previous to 14.2, macOS Ventura variations previous to 13.6.3, macOS Monterey variations previous to 12.7.2, tvOS variations previous to 17.2, watchOS variations previous to 10.2, and Safari variations previous to 17.2 are all dealing with high-risk vulnerabilities.
“Multiple vulnerabilities have been reported in Apple products which could allow an attacker to access sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service (DoS) conditions, bypass authentication, gain elevated privileges, and perform spoofing attacks on the targeted systems,” CERT-In stated within the advisory.
The nodal safety company, which comes beneath the Ministry of Electronics and Information Technology (MeitY), warned that two of the vulnerabilities reported, CVE-2023-42916 and CVE-2023-42917, could possibly be exploited by malicious entities and urged customers to replace to the most recent OS patches.
Additionally, CERT-In additionally issued a vulnerability observe for Samsung merchandise on December 13, flagging Android variations 11, 12, 13, and 14 on Samsung units beneath excessive threat of threats that might permit attackers to bypass safety restrictions, entry delicate consumer info, and run arbitrary code on the focused system.
The vulnerabilities on Samsung units could possibly be exploited to entry system SIM PIN and ship a broadcast with elevated privilege, amongst different actions. Samsung customers can get the most recent OS replace on their units, together with the most recent safety patch, to keep away from falling prey to those threats.
Last month, CERT-In had warned of a number of safety vulnerabilities affecting older iPhone and iPad fashions. In its vulnerability observe CIVN-2023-0303 issued earlier in October, CERT-In had flagged safety flaws that had affected older variations of iOS and iPadOS. The vulnerabilities affected OS variations previous to iOS 16.7.1 and iPadOS 16.7.1, in keeping with the company.
