- The Indian Computer Emergency Response Team (CERT-In) has put out a ‘critical’ advisory for Apple device users, alerting them to several vulnerabilities that could affect iPhones, iPads, and Mac systems.
- This warning, released on March 19, 2026, points out security weaknesses that attackers could exploit to gain unauthorized access to these devices and run harmful code.
- This advisory is categorized under vulnerability note CIVN-2026-0150 and is relevant for both individual users and organizations that utilize Apple products.
- Devices and software affected CERT-In reports that these vulnerabilities affect multiple versions of Apple’s operating systems.
- Specifically, macOS versions prior to 13.5, 14.2, and 14.3 are at risk, along with iOS and iPadOS versions before 15.8.7, 16.7.5, 16.7.15, and 17.3.
The Indian Computer Emergency Response Team (CERT-In) has put out a ‘critical’ advisory for Apple device users, alerting them to several vulnerabilities that could affect iPhones, iPads, and Mac systems. This warning, released on March 19, 2026, points out security weaknesses that attackers could exploit to gain unauthorized access to these devices and run harmful code.
This advisory is categorized under vulnerability note CIVN-2026-0150 and is relevant for both individual users and organizations that utilize Apple products.
Devices and software affected
CERT-In reports that these vulnerabilities affect multiple versions of Apple’s operating systems. Specifically, macOS versions prior to 13.5, 14.2, and 14.3 are at risk, along with iOS and iPadOS versions before 15.8.7, 16.7.5, 16.7.15, and 17.3.
The problem also includes Safari versions that come with these operating systems. Devices that haven’t been updated to the latest software versions are particularly vulnerable to these threats.
Risk and impact
CERT-In has flagged these vulnerabilities as ‘critical’, which means they pose a significant risk. According to the agency, these flaws could let attackers run arbitrary code on a targeted device. The vulnerabilities are associated with problems like use-after-free in kernel components and type confusion in WebKit.
If these vulnerabilities are exploited, attackers could gain unauthorized access to systems, steal sensitive information, and manipulate data. The advisory also highlights the potential for service disruptions and memory corruption, which could affect the normal operation of devices.
What users should do
CERT-In is urging users to make sure they install the latest security updates from Apple to tackle these vulnerabilities. It’s really important to apply these updates to fix the identified issues and lower the chances of exploitation.
Users can easily check for updates in their device settings and grab the latest versions of iOS, iPadOS, and macOS. It’s also a good idea to update Safari and other system components as part of your security routine.