CVE 8.8 HIGH

AirKeyboard iOS App 1.0.5 – Remote Input Injection_CVE-2025-66555

December 4, 2025 invoker category_cve

8.8 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N

Description

AirKeyboard iOS App 1.0.5 contains a missing authentication vulnerability that allows unauthenticated attackers to type arbitrary keystrokes directly into the victim's iOS device in real-time without user interaction, resulting in full remote input control.

AI Analysis

Missing authentication vulnerability allowing unauthenticated attackers to inject arbitrary keystrokes into the victim's iOS device

Basic Information

ID CVE-2025-66555

Source VulnCheck

Published Dec 4, 2025 at 20:43

Affected Product

Vendor airkeyboardapp

Product AirKeyboard iOS App

Version 1.0.5

Affected Versions airkeyboardapp AirKeyboard iOS App 1.0.5

CWE Classification

CWE-306

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor airkeyboardapp

Product AirKeyboard iOS App

Version 1.0.5

References

{
    "lastseen": "",
    "description": "AirKeyboard iOS App 1.0.5 contains a missing authentication vulnerability that allows unauthenticated attackers to type arbitrary keystrokes directly into the victim's iOS device in real-time without user interaction, resulting in full remote input control.",
    "published": "2025-12-04T20:43:19.829Z",
    "modified": "2025-12-04T20:43:19.829Z",
    "type": "cve",
    "title": "AirKeyboard iOS App 1.0.5 - Remote Input Injection",
    "source": "VulnCheck",
    "references": "https://www.exploit-db.com/exploits/52333\nhttps://airkeyboardapp.com\nhttps://apps.apple.com/us/app/air-keyboard/id6463187929\nhttps://www.vulncheck.com/advisories/airkeyboard-ios-app-105-remote-input-injection",
    "id": "CVE-2025-66555",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "airkeyboardapp AirKeyboard iOS App 1.0.5",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AirKeyboard iOS App",
    "version": "1.0.5",
    "vendor": "airkeyboardapp",
    "ai_description": "Missing authentication vulnerability allowing unauthenticated attackers to inject arbitrary keystrokes into the victim's iOS device",
    "ai_severity": "High",
    "ai_vendor": "airkeyboardapp",
    "ai_product": "AirKeyboard iOS App",
    "ai_version": "1.0.5",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply