scorecardresearch

High level vulnerabilities found in Apple iPhones, iPads and Safari: Report

Users are advised to use appropriate software as mentioned in the Apple Security updates.

High level vulnerabilities found in Apple iPhones, iPads and Safari: Report
High level vulnerabilities found in Apple iPhones, iPads and Safari: Report. (Photo Credit: Reuters)

The Indian Computer Emergency Response Team (CERT-IN) on Wednesday released a report mentioning that multiple vulnerabilities have been detected in Apple iOS and iPadOS.  

The report mentions that the hacker can exploit these vulnerabilities by convincing the victim or the users to open a perfectly crafted application.

This will allow the remote attacker to get hold of sensitive information, carry out arbitrary code, spoofing of the interface address and much more.

As per the report, the vulnerability, CVE-2022-42827 is now out on the loose- a potential threat to Apple iOS 16.1, iPadOS versions prior to 16 on compatible smartphones and iOS versions prior to 16.0.3.

The watchdog has even put out a list of smartphones which can be target of this vulnerability. These include Apple iPhone 8 models and above, iPad Pro Call models, iPad Air 3rd generation and later, iPad 5th generation and above and iPad mini 5th generation and later.

In order to stay safe from this vulnerability, Cert-In has advised the users to use appropriate software update which has been mentioned in the Apple Security updates.  

CERT-IN also reported multiple vulnerabilities in Apple Safari versions prior to 16.1. It mentioned that vulnerabilities exist in Apple Safari for macOS Big Sur and macOS Montery due to improper UI handling, type confusion issues and much more.  

The report further mentioned that if the vulnerabilities are successfully exploited then this will allow the attacker to spoof URLs, and disclose sensitive information among others.  

Both vulnerabilities have been rated ‘high’ in terms of severity.

This is not the first time that vulnerabilities in Apple software have been flagged. Earlier this year, users were advised to update their iPhones with 15.6.1 software to avoid any zero-day exploit vulnerabilities.  

ALSO READ | Apple confirms USB Type-C charger for iPhones, says it has no other option than to comply with EU

Get live Share Market updates and latest India News and business news on Financial Express. Download Financial Express App for latest business news.

First published on: 27-10-2022 at 11:00 IST