CVE-2024-40865
CVE-2024-40865
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
06 Sep 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The issue was addressed by suspending Persona when the virtual keyboard is active. This issue is fixed in visionOS 1.3. Inputs to the virtual keyboard may be inferred from Persona.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Apple · visionOSReferences
https://support.apple.com/en-us/120915