The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, has issued a new high-severity advisory urging users of Apple devices, such as iPhones, iPads, Macs, Apple Watches, Apple TVs, and Vision Pro, to update their software immediately following the discovery of multiple critical vulnerabilities. These flaws, detailed in advisory CIVN‑2025‑0163, have the potential to compromise user security substantially.
CERT‑In has identified weaknesses in several operating systems, including iOS, iPadOS, macOS (Sequoia, Sonoma, Ventura), watchOS, tvOS, and visionOS. The bugs stem from memory-related issues like buffer overflows and use‑after‑free, logic errors, poor input validation, and privilege management flaws. If exploited, they allow attackers to run arbitrary code, access or steal sensitive information, bypass security protections, and even crash devices via denial-of-service.
CERT-In has classified this vulnerability as 'high risk of unauthorised acess, data compromise, system manipulation, or service disruption.'
Who’s at risk and what versions are affected?
The advisory highlights that Apple users operating on outdated software versions are at elevated risk. Affected versions include:
iOS versions earlier than 18.6
iPadOS versions earlier than 17.7.9 or 18.6
macOS Sequoia earlier than 15.6
macOS Sonoma earlier than 14.7.7
macOS Ventura earlier than 13.7.7
watchOS versions earlier than 11.6
tvOS earlier than 18.6
visionOS versions earlier than 2.6
CERT‑In warns that billions of devices, including a significant number in India, could be vulnerable if not updated promptly.
Indian government advices users to update now
Apple has already rolled out security patches to address these vulnerabilities. CERT‑In strongly urges all Apple users, both individuals and enterprises, to install the latest updates right away via device settings. Head to Settings > Software Update and install the latest update on your Apple device right away.
