cve-2024-40865
Vulnerability from cvelistv5
Published
2024-09-06 01:23
Modified
2024-09-06 13:17
Severity
Summary
The issue was addressed by suspending Persona when the virtual keyboard is active. This issue is fixed in visionOS 1.3. Inputs to the virtual keyboard may be inferred from Persona.
References
SourceURLTags
product-security@apple.comhttps://support.apple.com/en-us/120915
Impacted products
VendorProduct
ApplevisionOS
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40865",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-06T13:17:02.255819Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-06T13:17:43.102Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "1.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The issue was addressed by suspending Persona when the virtual keyboard is active. This issue is fixed in visionOS 1.3. Inputs to the virtual keyboard may be inferred from Persona."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Inputs to the virtual keyboard may be inferred from Persona",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-06T01:23:53.981Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/120915"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2024-40865",
    "datePublished": "2024-09-06T01:23:53.981Z",
    "dateReserved": "2024-07-10T17:11:04.715Z",
    "dateUpdated": "2024-09-06T13:17:43.102Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-40865\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2024-09-06T02:15:02.297\",\"lastModified\":\"2024-09-06T12:08:04.550\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The issue was addressed by suspending Persona when the virtual keyboard is active. This issue is fixed in visionOS 1.3. Inputs to the virtual keyboard may be inferred from Persona.\"},{\"lang\":\"es\",\"value\":\"El problema se solucion\u00f3 suspendiendo Persona cuando el teclado virtual estaba activo. Este problema se solucion\u00f3 en visionOS 1.3. Las entradas del teclado virtual se pueden inferir desde Persona.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://support.apple.com/en-us/120915\",\"source\":\"product-security@apple.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.