CERT-In warns Apple Watch users of security flaw

The government has advised Apple Watch owners who are still using watchOS 8.7 or earlier versions of the device software to update as soon as possible. In a report, the Indian Computer Emergency Response Team (CERT-In) hypothesised that Apple Watch models using older watchOS operating system versions might be susceptible to a recently discovered vulnerability.

Bypassing security measures on the device and running arbitrary code are both potential outcomes of this vulnerability for attackers. As a result, attackers may be able to remotely control your device using this security flaw. These instructions might include strategies for getting around the watch's security measures, giving the attackers access to sensitive data stored on the smartwatch.

According to the CERT-In vulnerability note, older software-running Apple Watch models have a number of flaws that make them vulnerable. These include, among others, "buffer overflow in the AppleAVD component; an authorisation issue in the AppleMobileFileIntegrity component; out-of-bounds write in the Audio, ICU, and WebKit components; type confusion in the Multi-Touch component; multiple out-of-bounds write; and memory corruption in the GPU drivers component."

“A remote attacker could exploit these vulnerabilities by sending a specially-crafted request. Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code and bypass security restriction on the targeted system,” the note added.