The vulnerability in Apple Mail leads unsuspecting users to malicious codes on their iPhones, so that in the worst case, attackers can gain control over the victims’ devices. This is achieved by sending emails to iOS users that take up a lot of memory and “overload” the device, so to speak. The bugs are not sufficient for full control over the end devices – the attackers have to take further steps for this. However, changing, deleting and publishing e-mails is very possible.
Particularly worrying: According to ZecOps, iOS 13 users don’t even have to actively open the mail; it is sufficient if the mail app is open in the background. With iOS 12, the exploit is only triggered if the malicious emails are also clicked – unless the attacker has previously obtained access to the victim’s mail server.