This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode.

Related CVEs

CVE-2024-27799

Key Information

GHSA ID

GHSA-rfp9-6j63-rc88

Published

June 10, 2024 9:30 PM

Last Modified

July 2, 2024 9:32 PM

CVSS Score

2.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 13, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.