CVE-2025-66555

N/A Unknown

Authentication Bypass

📋 TL;DR

AirKeyboard iOS App 1.0.5 has a missing authentication vulnerability that allows unauthenticated attackers to remotely inject arbitrary keystrokes into victims' iOS devices without user interaction. This gives attackers full remote input control over affected devices. All users of AirKeyboard iOS App version 1.0.5 are affected.

💻 Affected Systems

Products:

• AirKeyboard iOS App

Versions: 1.0.5

Operating Systems: iOS

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in default configuration of version 1.0.5. Requires app to be running and accessible.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:

1. Review the CVE details at NVD
2. Check vendor security advisories for your specific version
3. Test if the vulnerability is exploitable in your environment
4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device takeover allowing attackers to type commands, access sensitive data, install malware, or perform unauthorized transactions in real-time.

🟠

Likely Case

Unauthorized input injection leading to data theft, account compromise, or malicious actions performed on the victim's device.

🟢

If Mitigated

Limited impact if network segmentation prevents external access and app is only used in trusted environments.

🌐 Internet-Facing: HIGH - Attackers can exploit remotely without authentication if the app is accessible over networks.

🏢 Internal Only: MEDIUM - Requires local network access but still exploitable by internal attackers or compromised devices.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit code is publicly available and requires no authentication. Simple network-based attack.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

1. Check App Store for updated version of AirKeyboard. 2. If no update available, uninstall the app immediately. 3. Monitor vendor communications for security updates.

🔧 Temporary Workarounds

Network Isolation

all

Restrict network access to AirKeyboard app using firewall rules or network segmentation

App Removal

ios

Uninstall AirKeyboard app from all iOS devices until patched version is available

🧯 If You Can't Patch

• Disable or uninstall AirKeyboard app immediately
• Isolate affected devices from untrusted networks and implement strict network segmentation

🔍 How to Verify

Check if Vulnerable:

Copy

Check iOS device for AirKeyboard app version 1.0.5. If installed and version is 1.0.5, device is vulnerable.

Check Version:

Copy

On iOS: Settings > General > iPhone Storage > Find AirKeyboard app > Check version

Verify Fix Applied:

Copy

Verify AirKeyboard app is either updated to a version newer than 1.0.5 or completely uninstalled from the device.

📡 Detection & Monitoring

Log Indicators:

• Unexpected network connections to AirKeyboard service
• Unusual input events without user interaction

Network Indicators:

• Unauthorized connections to AirKeyboard port/service
• Suspicious network traffic to iOS devices running AirKeyboard

SIEM Query:

Copy

Network traffic to iOS devices on AirKeyboard service ports from unauthorized sources

📊 Metadata

CVE ID: CVE-2025-66555

CVSS v3 Score: N/A (Unknown)

CWE: CWE-306

EPSS Score: 0.36% exploit probability (57.3th percentile)

Published: December 4, 2025

Last Updated: December 8, 2025

🔗 References

• https://airkeyboardapp.com
• https://apps.apple.com/us/app/air-keyboard/id6463187929
• https://www.exploit-db.com/exploits/52333
• https://www.vulncheck.com/advisories/airkeyboard-ios-app-105-remote-input-injection

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-66555, you might also want to check these:

CVE-2025-32433 10.0

This CVE describes a critical vulnerability in Erlang/OTP's SSH server that allows unauthenticated r...

Same vulnerability type (CWE-306)

CVE-2026-23693 10.0

The ElementsKit Lite WordPress plugin versions before 3.7.9 expose an unauthenticated REST endpoint ...

Same vulnerability type (CWE-306)

CVE-2025-58083 10.0

The General Industrial Controls Lynx+ Gateway has a critical authentication bypass vulnerability in ...

Same vulnerability type (CWE-306)