CVE-2018-4131
N/A
N/A
Summary
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that scans key states.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://support.apple.com/HT208692
- http://www.securitytracker.com/id/1040604
- http://www.securityfocus.com/bid/103581
- https://twitter.com/boastr_net/status/979624397664333824
- https://support.apple.com/HT208693
- http://www.securitytracker.com/id/1040608
References
- https://support.apple.com/HT208692
- http://www.securitytracker.com/id/1040604
- http://www.securityfocus.com/bid/103581
- https://twitter.com/boastr_net/status/979624397664333824
- https://support.apple.com/HT208693
- http://www.securitytracker.com/id/1040608
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.