India’s Cyber Security Authority, the Indian Computer Emergency Response Team or CERT-In has warned of high security vulnerabilities in the Apple Watch ecosystem. The vulnerabilities would allow hackers to bypass the company’s security measures built into Apple’s WatchOS.
In a recommendation, CERT-In has said that users should update their Watch OS to the latest security versions introduced by the company. The vulnerabilities were reported in versions of WatchOS prior to version 8.7.
This vulnerability could allow attackers to run arbitrary code and bypass security restrictions on the device. This means that attackers could exploit this vulnerability to remotely execute commands on your device. These commands can include ways to bypass the watch’s security restrictions and allow the attackers to access private information on the smartwatch.
According to the CERT-In vulnerability advisory, the vulnerabilities exist due to various bugs in Apple Watch models running older software. These include “Buffer overflow in AppleAVD component; an authorization issue in the AppleMobileFileIntegrity component; Out-of-bounds writing in audio, ICU and WebKit component; type confusion in multi-touch component; multiple out-of-bounds write and memory corruptions in the GPU driver component”, among others.
“Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code and bypass security restrictions on the target system,” the note added.
Apple has already released fixes for these vulnerabilities in the latest version of its watchOS software for compatible models Apple watch Series 3 and above.
To update their Apple Watch, users must ensure their device is at least 50 percent charged and connected to a Wi-Fi network. Open the settings on the watch itself and navigate to General/Software update. If an update is available, users must follow the on-screen instructions to update their devices.
This article was previously published on Source link
