Apple’s latest 35.4 MB update of iOS 7.0.6 doesn’t seem important at first, but it contains a critical security patch that addresses a flaw with SSL encryption. The vulnerability assigned CVE-2014-1266 and affects both the iOS and OS X operating systems. If an attacker has access to a mobile user’s network, such as both are sharing same wireless service, the hacker could intercept communication between the user and protected sites such as Gmail and Facebook. Apple did not say when or how it learned about the weakness nor did it say whether the flaw was being exploited.
Source: https://thehackernews.com/2014/02/apples-ios-vulnerable-to-man-in-middle.html