Security researchers found a severe flaw in the native iOS Mail app which is prone to security attack, said a report published by ZecOps, a San Francisco-based firm ZecOps.
Apple was previously not aware of the vulnerability which could be hazardous. ZecOps says that atleast six high-profile targets were duped which includes an executive of a Japanese mobile carrier and individuals from Fortune 500 companies in North America.
“The attack’s scope consists of sending a specially crafted email to a victim’s mailbox enabling it to trigger the vulnerability in the context of iOS MobileMail application on iOS 12 or maild on iOS 13,” the report reads.
As of now, ZecOps does not have any public evidence to prove the security attack. It is very easy to dupe the users , a victim need not download the file or visit the corrupt website, all it requires is to remotely execute code on a victim's iOS device for the Mail app to receive the email for the victim to open the message.
ZecOps states, “To mitigate these issues — you can use the latest beta available. If using a beta version is not possible, consider disabling Mail application and use Outlook or Gmail that are not vulnerable.”