CVE-2018-4131

CVE-2018-4131

EPSS 1.2%

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that scans key states.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://twitter.com/boastr_net/status/979624397664333824 http://www.securityfocus.com/bid/103581 http://www.securitytracker.com/id/1040604 http://www.securitytracker.com/id/1040608