his makes it possible for attackers to compromise the iPhone or iPad in question by sending an email. This potentially makes it possible to read, change and delete emails.
Whether successful attackers can carry out further malicious activities is the subject of further tests. The Federal Office for Information Security (BSI) considers these vulnerabilities to be very critical. No patches are currently available for the two vulnerabilities.
According to media reports, the vulnerabilities are belarus gambling data already being actively exploited. As long as no corresponding patches are available, users should uninstall the "Mail" app on Apple iOS or, alternatively, deactivate the accounts linked to this app.
BSI President Arne Schönbohm said:
"The BSI considers these vulnerabilities to be particularly critical. They enable attackers to manipulate large parts of the email communication on the affected devices. In addition, there is currently no patch available. This means that thousands of iPhones and iPads belonging to private individuals, companies and authorities are at acute risk. We are in contact with Apple and have asked the company to find a solution to ensure the security of their products as quickly as possible."
The possibilities for exploiting the vulnerabilities vary depending on the iOS version. While in iOS 13 simply receiving a malicious email is enough to trigger the vulnerability, in iOS 12 and later versions the email must also be opened by the user.
BSI warns against using iOS app “Mail”
-
bhasan01854
- Posts: 238
- Joined: Sat Dec 28, 2024 3:25 am