Government issues alert about multiple high severe vulnerabilities in Apple Watch models
Jul 26, 2022
It seems that the Apple Watch models that are running older than 8.7 OS versions have multiple vulnerabilities. The government of India has issued a warning to users, saying that these vulnerabilities can help hackers bypass security restrictions on any Apple Watch device. The Indian Computer Emergency Response Team (CERT-in) has given a high-severity warning to Apple Watch users.
The cited source has asserted that the vulnerabilities found in the Apple Watch could allow an attacker to execute arbitrary code and bypass security restrictions on any targeted system. CERT-in reported that the vulnerabilities exist in Apple Watch due to buffer overflow in AppleAVD component and authorization issue in AppleMobileFileIntegrity component.
CERT-in has stated a few more reasons that suggest why these vulnerabilities exist in Apple Watch. These include "out-of-bounds write in Audio, ICU and WebKit component, type confusion in Multi-Touch component, multiple out of bounds write and memory corruption in GPU Drivers component, out of bounds read in Kernel component, and memory initialization in libxml2 component."
CERT-in further mentioned that a hacker can easily exploit these vulnerabilities by sending a specially crafted request. If the hacker manages to exploit these vulnerabilities, then executing arbitrary code and bypassing security restrictions would become easier.
If you are an Apple Watch user, then you don't have to worry as the company has released the security patches. Therefore, users are advised to update their smartwatches to the latest Apple WatchOS 8.7 version that fixes all the issues. Apple has acknowledged the vulnerability in its support page and highlighted the same issues as well.