Indian Computer Emergency Response Team (CERT-In) is warning Apple iPhone and iPad users update their device to it immediately iOS 14.7.1 And iPadOS 14.7.1. The agency, under the Ministry of Electronics and Information Technology, said both iOS and iPadOS have active vulnerabilities that are “currently being exploited”.
CERT-In issued a ‘high’ severity warning around the newly discovered memory corruption vulnerability. The devices affected are iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
“A vulnerability has been reported in Apple iOS and iPadOS that could be used by a remote attacker to execute arbitrary code and gain elevated privileges on target systems,” CERT-in said.
CERT-In issued a ‘high’ severity warning around the newly discovered memory corruption vulnerability. The devices affected are iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
“A vulnerability has been reported in Apple iOS and iPadOS that could be used by a remote attacker to execute arbitrary code and gain elevated privileges on target systems,” CERT-in said.
This vulnerability exists in the IOMobileFrameBuffer of Apple iOS and iPadOS due to memory corruption issues with insufficient memory handling. A remote attacker with kernel privileges could exploit this vulnerability by using a maliciously crafted application, it explained.
Not updating to the latest iOS 14.7.1 and iPadOS 14.7.1 software versions allows attackers to gain elevated privileges on the target system. Apple warned users that it is aware of a report that the issue may be actively exploited.
The new iOS 14.7.1 also fixes an issue where iPhone models with Touch ID can’t unlock a pair apple watch Using the ‘Unlock with iPhone’ feature.
.