Vulnerability: Keystroke Logging via WindowServer Component
CVE-2018-4131 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that scans key states.
Learn more about our Cis Benchmark Audit For Apple Ios.