The issue, first reported by San Francisco-based cybersecurity firm ZecOps, has reportedly been slipping through the cracks since iOS 6, which released in 2012, and poses a major threat to the security of Mail and iPhone/iPad users, The Verge reported.
All attackers have to do is send a malicious email
While ZecOps denied sharing specific details of the flaw, they did emphasize that it can be triggered by simply sending a malicious email.
"The attack's scope consists of sending a specially crafted email to a victim's mailbox enabling it to trigger the vulnerability in the context of iOS MobileMail application on iOS 12 or maild on iOS 13," the firm's report said.
Fortune 500 company employees involved in the attacks
Providing details of the attack, the security company says that at least six high-profile individuals, including an executive of a Japanese mobile carrier and employees of a Fortune 500 company, have been compromised via Mail app exploits.
However, the firm did not share evidence of the exploit or the malicious code sent to trigger the vulnerability.