← back
CVE-2018-4131

CVE-2018-4131

EPSS 1.2%
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that scans key states.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.apple.com/HT208692https://support.apple.com/HT208693https://twitter.com/boastr_net/status/979624397664333824http://www.securityfocus.com/bid/103581http://www.securitytracker.com/id/1040604http://www.securitytracker.com/id/1040608