Cybersecurity automation company ZecOps reported on Wednesday that it had identified a couple of critical zero-day vulnerabilities in the Mail app for iOS. The flaws, which the company says have existed since the release of iOS 6 in 2012, can be exploited to execute arbitrary code in the context of the application by sending a specially crafted email to the targeted user.
An attacker can leverage the vulnerabilities to view, modify or delete the victim’s emails. Combined with other flaws, it may be possible for a hacker to gain full access to a compromised device, ZecOps said.