Vulnerability: Keystroke Logging via WindowServer Component

Vulnerability: Keystroke Logging via WindowServer Component

CVE-2018-4131 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that scans key states.

Learn more about our Cis Benchmark Audit For Apple Ios.