The Indian Computer Emergency Response Team, also known as CERT-In, is a cyber-security agency in India. They have issued a warning about the high number of vulnerabilities in the Apple Watch ecosystem. Because of the vulnerabilities, it may be possible for malicious actors to sidestep the security protocols that the company has implemented within Apple’s WatchOS.
CERT-In has recommended in an advisory that users update their Watch OS to the most recent version of the software that the company has released to address security concerns. There have been reports of vulnerabilities in older versions of WatchOS, which were released before version 8.7.
As a result of this vulnerability, attackers may be able to execute arbitrary code and circumvent security restrictions imposed on the device. This means that malicious actors could take advantage of this security flaw to remotely carry out actions on your device by issuing commands. These commands may include methods for circumventing the security restrictions imposed by the watch, thereby granting the attackers access to confidential information stored on the smartwatch.
According to the CERT-In vulnerability note, the vulnerabilities can be found in Apple Watch models that are operating on older software as a result of a variety of flaws.
In addition to other vulnerabilities, these include “buffer overflow in AppleAVD component; an authorisation issue in AppleMobileFileIntegrity component; out-of-bounds write in Audio, ICU, and WebKit component; type confusion in Multi-Touch component; multiple out-of-bounds write and memory corruption in GPU drivers component.”
According to the additional information in the note, “Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code and bypass security restrictions on the targeted system.”
Fixes for these security flaws have already been rolled out by Apple in the most recent version of its watchOS software for compatible models, which include Apple Watch Series 3 and later models.
Users of the Apple Watch need to check that their device has at least 50 percent of its battery life remaining and that it is connected to a WiFi network before they can update their watch. Launch the Settings app on the watch, then go to General > Software Update in the menu that appears. Users are responsible for following the instructions that appear on their screens in order to update their devices when an update is available.
