Apple iOS and iPadOS Vulnerability Alert: Potential Malicious Impact
The Indian Computer Emergency Response Team (CERT-In) has issued an urgent cybersecurity advisory for iPhone and iPad users. A vulnerability in Apple’s iOS and iPadOS could allow certain malicious applications to cause affected devices to become unresponsive or non-functional until restored.
Vulnerable Devices:
- iPhones running software versions older than iOS 18.3
- iPads using iPadOS versions earlier than 17.7.3 or 18.3, depending on the device model
Vulnerable Models:
- iPhone XS and newer
- iPad Pro (2nd generation and up)
- iPad 6th generation and later
- iPad Air from the 3rd generation onward
- iPad mini 5th generation and above
Software Affected:
- iOS versions prior to 18.3 (for iPhone XS and later)
- iPadOS versions prior to 17.7.3 (for iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation)
- iPadOS versions prior to 18.3 (for iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later)
Vulnerability Details:
The vulnerability arises due to the fact that any iOS application can transmit sensitive system-level Darwin notifications without needing special privileges or entitlements. Successful exploitation of these vulnerabilities could allow malicious applications to cause affected devices to become unresponsive or non-functional until restored.
Apple’s Response:
Apple has released security patches to address the issues. Users are strongly urged to upgrade their devices to the latest versions of iOS or iPadOS without delay. It is also advised to avoid downloading apps from untrusted sources and to monitor devices for abnormal activity that could signal a potential breach.
