
That no-click iOS 0-day reported to be under exploit doesn’t exist, Apple says - close04
https://arstechnica.com/information-technology/2020/04/apple-disputes-report-of-non-click-ios-0day-under-exploit-for-two-years/
======
Pick-A-Hill2019
Ok, so ZecOps say they have a working POC for the 0-Click (which doesn't seem
to be in dispute). What does seem to be in dispute is whether or not either
vulnerability was used in-the-wild. Apple responsed that it would need to be
chained. ZecOps points to a Project Zero blog. Some are questioning about why
if it was able to delete the email why it did not also delete the crash logs.
Not an iOS expert but the original claim was that the exploit was able to run
as maild etc - is that level of access able to delete crash logs?

