Outdated iOS and iPadOS Versions Leave Devices Vulnerable to Attack

The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, has issued a “high risk” warning for Apple device users.

The advisory highlights a serious security vulnerability in older versions of iOS and iPadOS that could leave iPhones and iPads open to attack.

According to CERT-In, the flaw could allow malicious applications to transmit sensitive system-level Darwin notifications—without special permissions.

If exploited, the vulnerability could cause Apple devices to become unresponsive or completely non-functional until a full restore is performed.

The issue affects iPhones running versions prior to iOS 18.3 and iPads running versions before iPadOS 17.7.3 or 18.3, depending on the model.

Specifically, affected devices include iPhones starting from the iPhone XS and newer, as well as iPads such as the iPad Pro (2nd generation and later), iPad (6th generation and later), iPad Air (3rd generation and later), and iPad mini (5th generation and later).

Apple has already rolled out security patches to fix the issue, and CERT-In strongly urges all users to update to the latest version of iOS or iPadOS immediately.

Additionally, users are advised to avoid downloading apps from untrusted or unofficial sources and to watch for unusual activity on their devices, which could signal a breach.

This warning is part of ongoing efforts by the Indian government to safeguard digital security and ensure that consumers remain protected from emerging threats.