iOS Default Mail App Vulnerability
Security, 2020. 4. 23. 23:41
This is an iOS vulnerability disclosed by the ZecOps team.
Impact & Key Details (TL;DR) :
- The vulnerability allows remote code execution capabilities and enables an attacker to remotely infect a device by sending emails that consume significant amount of memory
- The vulnerability does not necessarily require a large email – a regular email which is able to consume enough RAM would be sufficient. There are many ways to achieve such resource exhaustion including RTF, multi-part, and other methods
- Both vulnerabilities were triggered in-the-wild
- The vulnerability can be triggered before the entire email is downloaded, hence the email content won’t necessarily remain on the device
- We are not dismissing the possibility that attackers may have deleted remaining emails following a successful attack
- Vulnerability trigger on iOS 13: Unassisted (/zero-click) attacks on iOS 13 when Mail application is opened in the background
- Vulnerability trigger on iOS 12: The attack requires a click on the email. The attack will be triggered before rendering the content. The user won’t notice anything anomalous in the email itself
- Unassisted attacks on iOS 12 can be triggered (aka zero click) if the attacker controls the mail server
- The vulnerabilities exist at least since iOS 6 – (issue date: September 2012) – when iPhone 5 was released
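- The earliest triggers we have observed in the wild were on iOS 11.2.2 in January 2018

The problem is that this is a zero-click vulnerability, and it is even more serious on the latest version, iOS 13.
The vulnerability is triggered even when the Mail app opens mail in the background.
For the time being, I will delete the default Mail app,
since I was already using a separate third-party app such as the Gmail app anyway.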