CVE-2024-27799: An unprivileged app may be able to log keystrokes in other apps including those using secure input mode in Apple iOS and iPadOS
CVE-2024-27799 is a vulnerability in Apple iOS, iPadOS, and macOS Ventura where an unprivileged app may be able to log keystrokes from other apps, including those using secure input mode. This issue was addressed by Apple through additional entitlement checks in iOS 16. 7. 8, iPadOS 16. 7. 8, and macOS Ventura 13. 6. 7. The CVSS score is 3. 3, indicating a low severity level.
AI Analysis
Technical Summary
CVE-2024-27799 is a security vulnerability affecting Apple iOS, iPadOS, and macOS Ventura where an unprivileged application could log keystrokes from other applications, including those that use secure input mode. The vulnerability arises from insufficient entitlement checks that allowed unauthorized access to keystroke data. Apple fixed this issue by implementing additional entitlement checks in iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7. The CVSS v3.1 base score is 3.3, reflecting a low severity with local attack vector, low complexity, no privileges required, and user interaction needed. The impact is limited to confidentiality loss without integrity or availability impact. No known active exploitation has been reported.
Potential Impact
An unprivileged app could potentially capture keystrokes from other apps, including those using secure input mode, which may lead to unauthorized disclosure of sensitive input data. The impact is limited to confidentiality (partial information disclosure) with no integrity or availability effects. The CVSS score of 3.3 corresponds to a low severity vulnerability. There are no reports of known exploits in the wild.
Mitigation Recommendations
Apple has released official patches addressing this vulnerability in iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7. Users and administrators should apply these updates promptly to remediate the issue. The vendor advisory confirms the issue is fixed with additional entitlement checks, so no further mitigation steps are required beyond updating to the fixed versions.
CVE-2024-27799: An unprivileged app may be able to log keystrokes in other apps including those using secure input mode in Apple iOS and iPadOS
Description
CVE-2024-27799 is a vulnerability in Apple iOS, iPadOS, and macOS Ventura where an unprivileged app may be able to log keystrokes from other apps, including those using secure input mode. This issue was addressed by Apple through additional entitlement checks in iOS 16. 7. 8, iPadOS 16. 7. 8, and macOS Ventura 13. 6. 7. The CVSS score is 3. 3, indicating a low severity level.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-27799 is a security vulnerability affecting Apple iOS, iPadOS, and macOS Ventura where an unprivileged application could log keystrokes from other applications, including those that use secure input mode. The vulnerability arises from insufficient entitlement checks that allowed unauthorized access to keystroke data. Apple fixed this issue by implementing additional entitlement checks in iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7. The CVSS v3.1 base score is 3.3, reflecting a low severity with local attack vector, low complexity, no privileges required, and user interaction needed. The impact is limited to confidentiality loss without integrity or availability impact. No known active exploitation has been reported.
Potential Impact
An unprivileged app could potentially capture keystrokes from other apps, including those using secure input mode, which may lead to unauthorized disclosure of sensitive input data. The impact is limited to confidentiality (partial information disclosure) with no integrity or availability effects. The CVSS score of 3.3 corresponds to a low severity vulnerability. There are no reports of known exploits in the wild.
Mitigation Recommendations
Apple has released official patches addressing this vulnerability in iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7. Users and administrators should apply these updates promptly to remediate the issue. The vendor advisory confirms the issue is fixed with additional entitlement checks, so no further mitigation steps are required beyond updating to the fixed versions.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2024-02-26T15:32:28.516Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69ceb81de6bfc5ba1df6e1f6
Added to database: 4/2/2026, 6:40:29 PM
Last enriched: 4/9/2026, 11:11:37 PM
Last updated: 5/20/2026, 8:57:07 PM
Views: 21
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.