Security Warnings

Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Security issues in the Mail App on iPhone and iPad

7127

Warning Date: 24 April, 2020

Severity Level ● Critical

Warning Number: 2020-1173

Target Sector: All

apple2.png

One of the cybersecurity companies reported two zero-day vulnerabilities that exist in the default mailing application that is pre-installed on iPhones and iPads.

The attacker could exploit these vulnerabilities by sending an email to any targeted individual with his email account logged-in to the vulnerable app, which will then allow for remote code execution capabilities without the need for any intervention or interaction from the victim. Users may notice a temporary slowdown or a sudden crash of the Mail application.

Apple has clarified that they take all reports of security threats seriously. They have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to the users. The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and they have found no evidence they were used against customers.

These potential issues will be addressed in a software update soon.

Saudi CERT from its side, shall communicate and follow up with Apple for any update. In the event of any patch or mitigation from Apple, it will be acknowledged later.

Last updated at 24 April, 2020