Govt warns of multiple iPhone, iPad vulnerabilities

2 min read

The Indian Computer Emergency Response Team (CERT-In) has warned of multiple vulnerabilities in Apple’s iPhone and iPad. The vulnerability might enable a distant attacker to realize entry to delicate data, execute arbitrary code, copy the interface handle, or deny service circumstances on the focused gadget. 

The authorities company suggested customers to use obligatory software program updates as talked about within the Apple Security updates.

As per the CERT-In advisory, Apple iOS 16.1, Apple iOS variations previous to 16.0.3 and iPadOS variations earlier than 16 are affected by the vulnerability – CVE-2022-42827. Other units impacted embody Apple iPhone 8 and later, iPad Pro Call fashions), iPad Air third era , iPad fifth era and later, and iPad mini fifth era and later.

Reasons why vulnerabilities exist in Apple iOS and iPadOS embody

  • Improper safety restrictions in AppleMobileFileIntegrity element
  • Improper bounds test in Avevideoencoder element; Improper validation in CrNetwork element
  • Improper entitlement in Core Bluetooth element
  • Improper reminiscence dealing with in GPU Drivers element
  • Memory corruption situation within the IOHIDFamily element
  • Improper safety restrictions and Improper path validation within the Sandbox element
  • Improper UI dealing with, Type confusion and Logic points within the Webkit element

About Author