CVE-2018-4131
Summary
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that scans key states.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
References
Advisory Timeline
- Published