Last Friday, October 3, Unity announced a critical security vulnerability that may impact applications built with the Unity Engine after 2017.1. This includes applications built for Magic Leap 2 with Unity. Unity has assured us there is no evidence of any exploitation of the vulnerability, nor has there been any impact on users or customers.
Unity has provided a detailed description of the issue and multiple paths to remediation. We recommend developers who have built applications for Magic Leap 2, with Unity, patch or rebuild their applications, following the official Unity instructions.
We are currently evaluating the impact of this vulnerability to Magic Leap applications.