← back
CVE-2024-40865

CVE-2024-40865

CVSS 5.3 MEDIUMEPSS 0.4%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
06 Sep 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The issue was addressed by suspending Persona when the virtual keyboard is active. This issue is fixed in visionOS 1.3. Inputs to the virtual keyboard may be inferred from Persona.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Apple · visionOS