CVE-2018-4131: High severity macos high sierra vulnerability

Q: What is CVE-2018-4131?

CVE-2018-4131 is a vulnerability that allows attackers to log keystrokes entered into arbitrary apps on certain Apple products.

Q: Which Apple products are affected by CVE-2018-4131?

iOS before 11.3 and macOS before 10.13.4 are affected.

Q: What is the severity of CVE-2018-4131?

CVE-2018-4131 has a severity rating of 7.8 (high).

Q: How can I fix CVE-2018-4131?

To fix CVE-2018-4131, update your iOS device to version 11.3 or higher and update macOS to version 10.13.4 or higher.

Q: Where can I find more information about CVE-2018-4131?

You can find more information about CVE-2018-4131 at the following references: [http://www.securityfocus.com/bid/103581](http://www.securityfocus.com/bid/103581), [http://www.securitytracker.com/id/1040604](http://www.securitytracker.com/id/1040604), [http://www.securitytracker.com/id/1040608](http://www.securitytracker.com/id/1040608)

Published Mar 29, 2018

Updated

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that scans key states.

Other sources

WindowServer. By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. This issue was addressed by improved state management.

Credit

Andreas Hegenberg(folivora)

Affected Software

6 affected componentsFixes available

Apple macOS High Sierra<10.13.4

10.13.4

Apple Sierra

Apple El Capitan

Apple iOS<11.3

11.3

Apple iPhone OS<11.3

Apple iOS and macOS<10.13.4

Event History

Apr 3, 2018

CVE Published

via MITRE·06:00 AM

Data Sourced

via MITRE·06:00 AM

Description

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2018-4170
CVE-2018-4105
CVE-2018-4112
CVE-2018-4166
CVE-2018-4155
CVE-2018-4158
CVE-2018-4142
CVE-2017-13890
CVE-2017-8816
CVE-2018-4176
CVE-2018-4108
CVE-2017-13080
CVE-2018-4167
CVE-2018-4151
CVE-2018-4132
CVE-2018-4135
CVE-2018-4150
CVE-2018-4104
CVE-2018-4143
CVE-2018-4136
CVE-2018-4160
CVE-2018-4185
CVE-2018-4139
CVE-2018-4175
CVE-2017-15412
CVE-2018-4187
CVE-2018-4179
CVE-2018-4111
CVE-2018-4174
CVE-2018-4152
CVE-2017-7151
CVE-2018-4138
CVE-2018-4107
CVE-2018-4156
CVE-2018-4157
CVE-2018-4298
CVE-2018-4144
CVE-2017-13911
CVE-2018-4173
CVE-2018-4154
CVE-2018-4115
CVE-2018-4106
CVE-2018-4131
CVE-2018-4177
CVE-2018-4123
CVE-2018-4390
CVE-2018-4391
CVE-2018-4168
CVE-2018-4172
CVE-2018-4134
CVE-2018-4137
CVE-2018-4149
CVE-2018-4140
CVE-2018-4148
CVE-2018-4110
CVE-2018-4101
CVE-2018-4114
CVE-2018-4118
CVE-2018-4119
CVE-2018-4120
CVE-2018-4121
CVE-2018-4122
CVE-2018-4125
CVE-2018-4127
CVE-2018-4128
CVE-2018-4129
CVE-2018-4130
CVE-2018-4161
CVE-2018-4162
CVE-2018-4163
CVE-2018-4165
CVE-2018-4113
CVE-2018-4146
CVE-2018-4117
CVE-2018-4207
CVE-2018-4208
CVE-2018-4209
CVE-2018-4210
CVE-2018-4212
CVE-2018-4213
CVE-2018-4145

Frequently Asked Questions

What is CVE-2018-4131?

CVE-2018-4131 is a vulnerability that allows attackers to log keystrokes entered into arbitrary apps on certain Apple products.

Which Apple products are affected by CVE-2018-4131?