 "iOS 18.3")
The Indian Computer Emergency Response Team (CERT-In) has issued an advisory for Apple users, warning of security vulnerabilities in devices running older software versions. The advisory applies to iPhones with iOS versions earlier than the recently released iOS 18.3, as well as outdated iPads, Apple Watches, Macs, and versions of Apple's Safari web browser.
CERT-In has categorised these vulnerabilities as "High risk," cautioning that they could allow attackers to gain unauthorised access to sensitive data, disrupt services, or manipulate information. The advisory noted that both individual users and organisations could be impacted.
Among the reported security flaws, CERT-In highlighted CVE-2025-24085 as a critical issue that has been "exploited in the wild." This vulnerability is identified as a "use-after-free bug" in the Core Media component, occurring due to improper handling of dynamic memory. If exploited, it could enable malicious apps to gain elevated privileges on affected devices.
Apple has addressed these security flaws in its latest software updates for iPhones, iPads, Apple Watches, and Macs. CERT-In advises users to update their devices to the latest versions to mitigate risks and safeguard against potential threats.
The full list of affected software includes:
- iOS versions before 18.3
- iPadOS versions before 18.3
- iPadOS versions before 17.7.4
- Apple macOS Sequoia versions before 15.3
- Apple macOS Sonoma versions before 14.7.3
- Apple macOS Ventura versions before 13.7.3
- Apple watchOS versions before 11.3
- Apple visionOS versions before 2.3
- Apple Safari versions before 18.3
- Apple tvOS versions before 18.3
 "OpenAi")
 "(L-R) Samsung Galaxy S25 Ultra, Samsung Galaxy S25 Plus, and Samsung Galaxy S25")
 "deepseek artificial intelligence")
 "OpenAI's Deep Research AI agent")
 "artificial intelligence machine learning")
