Government Issues High Risk Warning For iPhone Users

Vulnerabilities in Apple iOS and iPadOS could allow attackers to gain access to sensitive information, execute arbitrary code, or denial of service conditions on iPhones and iPad

Apple iPhone and iPad users could be at risk. According to an advisory issued by the Indian Computer Emergency Response Team (CERT-In), multiple vulnerabilities have have been reported in Apple iOS and iPadOS

[{"selector":"#anim-63377c39-bb3d-45c1-888e-40deb8e1b411 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

That could allow a remote attacker to gain access to sensitive information, execute arbitrary code, spoofing of the interface address or denial of service conditions on the targeted device.

[{"selector":"#anim-3e6e3cf3-533c-4ff9-9011-7d3e25a20673 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

Which Apple Devices Are Impacted?

[{"selector":"#anim-e28e0cbd-11ed-45aa-88ba-4cb8926c4446 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] As per the advisory, Apple iOS 16.1, Apple iOS versions prior to 16.0.3 and iPadOS versions prior to 16 are affected by the vulnerability – CVE-2022-42827.

List of impacted devices include Apple iPhone 8 and later, iPad Pro Call models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.

[{"selector":"#anim-58eeb9e3-243c-44cf-aacf-18c67cd062f9 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}]

How Can The Vulnerability Impact iPhone Users?

[{"selector":"#anim-bd57038a-1a99-407e-b635-d80aaf2574cf [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] These vulnerabilities can be exploited by a remote attacker to persuade the victim to open a specially crafted file or application. On successful exploitation of these vulnerabilities, the attacker could gain access to sensitive information, execute arbitrary code, spoofing of the interface address or denial of service conditions on the targeted system.

What Should Users Do?

[{"selector":"#anim-74bfedc6-b87f-48af-b640-59f1cfde0eb1 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":3000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] The CERT-In advisory says that the vulnerability is being exploited in the wild. Users are advised to apply software updates as mentioned in the Apple Security updates.