India issues ‘high-risk’ warning for users of Apple’s iPhones, MacBooks, iPads, Vision Pro headsets

The Indian Computer Emergency Response Team (CERT-In), which is part of the Ministry of Electronics and Information Technology, issued a "high-risk" warning for users of Apple's iPhones, MacBooks, iPads, and Vision Pro headsets. The government team has referred to a critical vulnerability that poses a significant security threat.

The overview of the report noted that a Remote Code Execution vulnerability has been reported in Apple Products which could be exploited by a remote attacker to execute arbitrary code on the targetted system.

A range of Apple software and hardware are impacted due to the issue. Apple Safari versions prior to 17.4.1, Apple macOS Ventura versions before 13.6.6, Apple macOS Sonoma versions prior to 14.4.1, Apple visionOS versions before 1.1.1, Apple iOS and iPadOS versions prior to 17.4.1, and Apple iOS and iPadOS versions prior to 16.7.7 are affected.

Users of iPhone XS, iPad Pro 12.9-inch, iPad Pro 10.5-inch, iPad Pro 11-inch, iPad Air, iPad, and iPad mini are susceptible if their devices are running iOS and iPadOS versions before 17.4.1, the advisory stated.

In addition to that, iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation users are at risk if their devices are not updated to iOS and iPadOS versions 16.7.7 or later.

The advisory mentioned that the vulnerability exists in Apple products because of an "out-of-bound write issue in WebRTC and CoreMedia".

Watch:Meta to shut down misinformation monitoring tool CrowdTangle

It said that this particular vulnerability could be exploited by a remote attacker by persuading a victim to visit a specially crafted request.

"Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the targetted system," the advisory published on Tuesday (Apr 2) said.

(With inputs from agencies)