Apple Watch users using watchOS 8.7 or older versions of the device software have been advised by the government to update their device to the latest software as quickly as possible. The Indian Computer Emergency Response Team (CERT-In) suggested in a report that Apple Watch models running on older versions of the watchOS operating system may be open to a newly discovered vulnerability.
This vulnerability might allow attackers to run arbitrary code and bypass security restrictions on the device. What this means is attackers could make use of this security flaw to execute commands on your device remotely. These commands can include ways to bypass the watch’s security restrictions, allowing the attackers access to private information on the smartwatch.
This may include details on your fitness, your texts and perhaps even banking-related details.
Technical details
As per the CERT-In vulnerability note, the vulnerabilities exist in Apple Watch models running on older software due to a various flaws. These include “buffer overflow in AppleAVD component; an authorisation issue in AppleMobileFileIntegrity component; out-of-bounds write in Audio, ICU and WebKit component; type confusion in Multi-Touch component; multiple out-of-bounds write and memory corruption in GPU drivers component,” among others.
Comments