The Computer Emergency Response Team of India (CERT-In) announced on Friday that numerous vulnerabilities have been identified in Apple products.
These vulnerabilities pose significant risks, potentially allowing attackers to exploit sensitive information, execute arbitrary code, bypass security restrictions, and trigger denial of service (DoS) conditions, among other potential threats.
This security advisory comes on the heels of a cautionary notice issued to Samsung users a mere 48 hours earlier, highlighting critical security issues impacting devices running on Android versions 11, 12, 13, and 14. Notably, Samsung's premier smartphone, the Galaxy S23, is implicated in this warning owing to its utilization of the Android 14 update.
In accordance with the advisory issued by the Computer Emergency Response Team (CERT-in) on Friday, the vulnerabilities identified impact various Apple products, including iOS, Apple watchOS, iPadOS, and versions of Apple Safari preceding 17.2. The severity rating assigned by CERT-In for these products is categorized as 'high,' signaling potential threats such as authentication bypass, elevation of privileges, and the capability to execute "performing spoofing attacks on the targeted system."
Mint previously reported that the CERT-In’s advisory addressed security vulnerabilities identified in Samsung devices running on Android versions 11, 12, 13, and 14.
Exploitation of these vulnerabilities in Samsung devices could potentially lead to unauthorized access to sensitive data stored on the affected devices. It is imperative for users to promptly update their Samsung smartphones to mitigate this security threat.
CERT-In classified the risk as high, underscoring the possibility of attackers leveraging these vulnerabilities to bypass security protocols, gain access to confidential information, and execute unauthorized code on targeted systems. The recognized vulnerabilities present a potential threat to multiple components within the Samsung ecosystem.
The comprehensive examination conducted by the government's cybersecurity team unveils various potential issues. These include inadequate access control in Knox features, integer overflow vulnerabilities in facial recognition software, authorization issues with the AR Emoji app, mishandling of errors in Knox security software, and several memory corruption vulnerabilities in diverse system components.
- Adenman and funkyy
-
2
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.