.png){kind=logo}
The Indian Computer Emergency Response Team (CERT-In) of the Ministry of Electronics and Information Technology has raised a high-severity security warning for Apple users in the country. The recent advisory, CIVN-2025-0163, identifies serious weaknesses in Apple's software environment that can expose consumers to data theft, remote exploitation, and system crashes.
The exploits affect a broad range of Apple devices such as iPhones, iPads, Macs, Apple Watch, Apple TV, and even the Vision Pro headset. Users, both consumer and enterprise, are highly recommended to update their devices at once.
The advisory identifies several security vulnerabilities across Apple's operating systems, including iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. The underlying causes are memory management bugs, logic flaws, and incorrect privilege handling.
If abused, these bugs would enable attackers to:
Run arbitrary code remotely
Steal user-sensitive data
Bypass device security controls
Crash or render target devices unusable (Denial of Service)
CERT-In has labeled these vulnerabilities ‘high risk,’ highlighting their potential to compromise user security and system integrity.
The vulnerabilities impact users using out-of-date versions of Apple software. Affected devices include:
iPhones with iOS versions before 18.6
iPads on iPadOS versions before 17.7.9 and 18.6
MacBooks and iMacs are operating:
macOS Sequoia earlier than 15.6
macOS Sonoma before 14.7.7
macOS Ventura before 13.7.7
Apple Watch using watchOS versions earlier than 11.6
Apple TV devices using tvOS before 18.6
Vision Pro devices on visionOS before 2.6
Users on the above versions are the most exposed and should update immediately.
According to CERT-In, attackers can manipulate the vulnerabilities to result in unauthorized access to devices and data. Threats are:
Remote code execution
Stealing personal or financial data
Hijacking of systems
Possible sabotage of enterprise IT infrastructure
For companies, such vulnerabilities have the potential for massive-scale breaches, regulatory fines, and damage to reputation. For users, the implications may vary from data loss to permanent failure of devices.
Also Read: Apple’s Answer Engine Aims for Dynamic, ChatGPT-like Responses
Apple has already issued security patches for the identified vulnerabilities through over-the-air (OTA) updates. To keep device security intact:
Go to Settings
Tap General
Choose Software Update
Install the newest version available
CERT-In also recommends enabling auto-update and not using devices on unknown networks until updated.
