Your IT Consultant

Serious iPhone Vulnerability in Mail App

May 5, 2020

CPO reported that an iPhone can be compromised just by opening up the Mail app. No clicking on a link or opening an attachment required. The vulnerability was discovered in the most recent iOS 13 release, but research indicates that it may have existed for at least the past eight years going back to iOS 6 in 2012. Cybersecurity researchers at ZecOps discovered the bug while doing a routine forensic exam of an iPhone. Supposedly, there is evidence of the vulnerability being exploited by at least one APT (Advanced Persistent Threat) for the past two years.

The vulnerability is basically a buffer overflow attack. All you need is a specially crafted email in your Inbox. Just opening iOS Mail with the bad email will trigger the attack if you are running iOS 13. iOS 12 and older users must open the bad message unless the attackers sent the email from a server they control. The attack occurs without the users' knowledge.

Until a patch is released, the "fix" is to not open the Mail app or just delete the app altogether.

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com