This the zero-day WebKit vulnerability that Apple patched in mid-August for current operating systems and Safari. The flaw is so serious and there are reports of it being exploited in the wild that Apple has issued a security advisory covering older devices and iOS versions:
About the security content of iOS 12.5.6 – Apple Support
The devices listed are running iOS 12.5.6:
- iPhone 5s
- iPhone 6
- iPhone 6 Plus
- iPad Air
- iPad mini 2
- iPad mini 3
- iPod touch (6th generation)
This a great move by Apple saving a range of older devices from landfill, by patching a serious security flaw – I do not recall an Android device manufacturer taking any similar types of extended support actions.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
Apple Releases Security Updates for Multiple Products | CISA
Apple backports fix for actively exploited iOS zero-day to older iPhones (bleepingcomputer.com)