Vulnerability in the iOS built-in Mail app


This is an iOS vulnerability disclosed by the ZecOps team.

Impact & Key Details (TL;DR):
- The vulnerability allows remote code execution capabilities and enables an attacker to remotely infect a device by sending emails that consume a significant amount of memory
- The vulnerability does not necessarily require a large email – a regular email which is able to consume enough RAM would be sufficient. There are many ways to achieve such resource exhaustion, including RTF, multi-part, and other methods
- Both vulnerabilities were triggered in the wild
- The vulnerability can be triggered before the entire email is downloaded, hence the email content won’t necessarily remain on the device
- We are not dismissing the possibility that attackers may have deleted remaining emails following a successful attack
- Vulnerability trigger on iOS 13: Unassisted (zero-click) attacks on iOS 13 when the Mail application is opened in the background
- Vulnerability trigger on iOS 12: The attack requires a click on the email. The attack will be triggered before rendering the content. The user won’t notice anything anomalous in the email itself
- Unassisted (zero-click) attacks on iOS 12 can be triggered if the attacker controls the mail server
- The vulnerabilities have existed at least since iOS 6 (issue date: September 2012), when the iPhone 5 was released
- The earliest triggers we have observed in the wild were on iOS 11.2.2 in January 2018

The problem is that this is a zero-click vulnerability, and it is even more serious on the latest version, iOS 13.

The vulnerability is triggered even when the Mail app fetches mail in the background.

 

For the time being, I'm going to delete the built-in Mail app.

I was already using a third-party app like the Gmail app separately anyway.
