Government Reports Multiple Vulnerabilities in Apple, Samsung Devices

Apple, Samsung and different smartphone producers problem well timed updates and safety patches to maintain their units strong in opposition to numerous threats and vulnerabilities. Regardless of common fixes, each iOS and Android platforms may fall prey to malicious exploits. The federal government has issued high-risk safety alerts for customers of each Apple and Samsung units. The Indian Pc Emergency Response Group (CERT-In) has flagged extreme vulnerabilities in Apple and Samsung merchandise this week. The reported vulnerabilities may put customers’ delicate data in danger.

In an advisory issued December 15, CERT-In reported a number of vulnerabilities in Apple merchandise. These vulnerabilities have an effect on iPhone, iPad, Mac, Apple TV, Apple Watch and Safari Net browser. In accordance with CERT-In, iOS and iPadOS variations previous to 17.2 and 16.7.3, macOS Sonoma variations previous to 14.2, macOS Ventura variations previous to 13.6.3, macOS Monterey variations previous to 12.7.2, tvOS variations previous to 17.2, watchOS variations previous to 10.2, and Safari variations previous to 17.2 are all dealing with high-risk vulnerabilities.

“A number of vulnerabilities have been reported in Apple merchandise which may enable an attacker to entry delicate data, execute arbitrary code, bypass safety restrictions, trigger denial of service (DoS) situations, bypass authentication, acquire elevated privileges, and carry out spoofing assaults on the focused methods,” CERT-In mentioned within the advisory.

The nodal safety company, which comes beneath the Ministry of Electronics and Info Expertise (MeitY), warned that two of the vulnerabilities reported, CVE-2023-42916 and CVE-2023-42917, could possibly be exploited by malicious entities and urged customers to replace to the newest OS patches.

Moreover, CERT-In additionally issued a vulnerability word for Samsung merchandise on December 13, flagging Android variations 11, 12, 13, and 14 on Samsung units beneath excessive danger of threats that might enable attackers to bypass safety restrictions, entry delicate consumer data, and run arbitrary code on the focused system.

The vulnerabilities on Samsung units could possibly be exploited to entry machine SIM PIN and ship a broadcast with elevated privilege, amongst different actions. Samsung customers can get the most recent OS replace on their units, together with the newest safety patch, to keep away from falling prey to those threats.

Final month, CERT-In had warned of a number of safety vulnerabilities affecting older iPhone and iPad fashions. In its vulnerability word CIVN-2023-0303 issued earlier in October, CERT-In had flagged safety flaws that had affected older variations of iOS and iPadOS. The vulnerabilities affected OS variations previous to iOS 16.7.1 and iPadOS 16.7.1, in line with the company.