Your review has been sent successfully

Security issues in the Mail App on iPhone and iPad

11496
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

24 April, 2020

● Critical

2020-1173

All

apple2.png

One of the cybersecurity companies reported two zero-day vulnerabilities that exist in the default mailing application that is pre-installed on iPhones and iPads.

The attacker could exploit these vulnerabilities by sending an email to any targeted individual with his email account logged-in to the vulnerable app, which will then allow for remote code execution capabilities without the need for any intervention or interaction from the victim. Users may notice a temporary slowdown or a sudden crash of the Mail application.

Apple has clarified that they take all reports of security threats seriously. They have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to the users. The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and they have found no evidence they were used against customers.

These potential issues will be addressed in a software update soon.

Saudi CERT from its side, shall communicate and follow up with Apple for any update. In the event of any patch or mitigation from Apple, it will be acknowledged later.

Last updated at 24 April, 2020

Rate the content

rate-icon
up icon