Attacker Value
Very Low
2

Unknown iOS Mail.App RCE ZecOps

Exploitability

(2 users assessed) Very Low
Attack Vector
Unknown
Privileges Required
Unknown
User Interaction
Unknown

Description

To quote the Reuters report: “To execute the hack, Avraham said victims would be sent an apparently blank email message through the Mail app forcing a crash and reset. The crash opened the door for hackers to steal other data on the device, such as photos and contact details.”

So, it sounds like a font or other kind of render thing in Mail.App. No clicks required other than opening the email.

Add Assessment

General Information

Additional Info

Technical Analysis