CERT-In, the Indian Computer Emergency Response Team, has recently issued an advisory highlighting severe vulnerabilities in Apple products. These vulnerabilities pose a significant risk to users’ sensitive information. The affected Apple devices include iPhone, iPad, Mac, Apple TV, Apple Watch, and Safari Web browser. To mitigate these risks, it is crucial for users to update their devices to the latest versions. The vulnerabilities can potentially allow attackers to access sensitive information, execute unauthorized code, bypass security measures, cause denial of service, bypass authentication, gain elevated privileges, and perform spoofing attacks. It is essential for Apple users to remain vigilant and promptly install the necessary updates and security patches to protect their devices and personal data.
The Ministry of Electronics and Information Technology (MeitY) has issued a warning regarding two vulnerabilities, CVE-2023-42916 and CVE-2023-42917, which could be exploited by malicious entities. Users are strongly advised to update their operating systems with the latest patches to mitigate these risks.
Furthermore, CERT-In has also released a vulnerability note specifically for Samsung products. This note highlights the high risk associated with Android versions 11, 12, 13, and 14 on Samsung devices. Attackers could potentially bypass security restrictions, gain access to sensitive user information, and execute arbitrary code on targeted systems. Exploiting these vulnerabilities could allow unauthorized access to the device’s SIM PIN and enable the sending of broadcasts with elevated privileges. To safeguard against these threats, Samsung users should promptly update their devices to the latest operating system version and apply the most recent security patch.
In a previous vulnerability note, CERT-In had cautioned about security vulnerabilities affecting older iPhone and iPad models. The note, CIVN-2023-0303, highlighted the presence of security flaws in iOS and iPadOS versions prior to 16.7.1. It is crucial for users to ensure that their devices are updated to iOS 16.7.1 or iPadOS 16.7.1 to mitigate the risks associated with these vulnerabilities.