Recent findings have revealed a now-patched security vulnerability in Apple’s Vision Pro mixed reality headset that could expose data users enter through the device’s virtual keyboard.
The flaw, known as GAZEploit and tracked as CVE-2024-40865, enables malicious actors to infer eye-related biometric data from the avatar image and use it to reconstruct text entered through gaze-controlled typing.
“A novel attack that can infer eye-related biometrics from the avatar image to reconstruct text entered via gaze-controlled typing,” researchers from the University of Florida explained.
The attack exploits a vulnerability in gaze-controlled text entry that is exposed when users utilize a virtual avatar interface.
Following responsible disclosure, Apple addressed the issue in the visionOS 1.3 update, released on July 29, 2024. The vulnerability primarily affects a component called Presence.
“Inputs to the virtual keyboard may be inferred from Persona,” Apple stated in a security advisory, noting that the fix suspends Persona while the virtual keyboard is in use.
Essentially, the researchers found that analyzing an avatar’s eye movements could reveal typed text on the virtual keyboard, posing a significant privacy risk for users wearing the headset.
This capability could allow threat actors to intercept sensitive information, such as passwords, by analyzing virtual avatars during video calls, online meetings, or live streams and inferring keystrokes remotely.
The attack relies on a supervised learning model trained on Persona data, eye aspect ratio (EAR), and eye gaze estimation to differentiate typing activities from other VR interactions like watching videos or playing games.
By mapping gaze estimation to virtual keyboard keys and incorporating spatial awareness, the attack reconstructs typed keys based on captured avatar video, marking the first known exploitation of leaked gaze information for remote keystroke inference.