Another vulnerability was discovered by researcher Kishan Bagaria: he found out that the continuous sending of documents to nearby Apple devices leads to a denial of service. To do this, the ability to receive files through the AirDrop mechanism from anyone (and not just from users in your contact list) must be enabled on the iPad or iPhone. The bug was expectedly called AirDoS: the bottom line is that the request to receive the file must be accepted or rejected, and until this is done, other controls on the mobile device are not available. If you send requests constantly, the tablet or smartphone is in fact inoperative. The bug was closed in iOS 13.3 by introducing a limit on the number of attempts: if you reject the request three times in a row, all subsequent attempts to send a file from the same device are blocked automatically.
On December 10, Apple released a large set of patches for macOS, iOS (including iPadOS) and watchOS. Perhaps the most dangerous of the closed bugs was the FaceTime vulnerability, affecting all Apple mobile devices starting with iPhone 6s and iPad Air 2. As with the recently discovered vulnerability in WhatsApp, the problem was found in the processing system of incoming video files: a malicious video could lead to execution of arbitrary code. Vulnerability CVE-2019-8830 was discovered by Natalie Silvanovich, a researcher at the Google Project Zero team: last year she wrote in detail about the security of instant messengers, including FaceTime (you can start with an article a year ago with examples of previously discovered vulnerabilities in the application).