Description
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to intercept network traffic.
Published: 2026-02-11
Score: 3.1 Low
EPSS: < 1% Very Low
KEV: No
Impact: Network Traffic Interception
Action: Immediate Patch
AI Analysis

Impact

This vulnerability is a logic flaw in Apple’s operating systems that can allow an attacker situated on a privileged network segment to intercept network traffic. The flaw is not a code‑execution bug but rather a weakness in how the OS validates certain network operations, classified as CWE‑77. If exploited, the attacker could eavesdrop on traffic between the device and external endpoints, potentially exposing sensitive data transmitted over unencrypted channels.

Affected Systems

Apple’s iOS, iPadOS, macOS, tvOS, visionOS, and watchOS devices are affected. The flaw exists in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, and watchOS 26.3. Devices running earlier releases of these OSes are also vulnerable.

Risk and Exploitability

The CVSS base score of 3.1 signals a low‑to‑moderate severity, while the EPSS of less than 1 % indicates that exploitation in the wild would be uncommon. The vulnerability is not listed in CISA’s KEV catalog, further implying that widespread use has not been observed. Exploitation requires the attacker to have privileged access on the network in which the device resides, after which the attacker can intercept traffic, but it does not grant code execution or full device control.

Generated by OpenCVE AI on April 16, 2026 at 01:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest OS updates that contain the fix—install iOS 18.7.5 or later, iPadOS 18.7.5 or later, macOS Sequoia 15.7.4 or later, macOS Sonoma 14.8.4 or later, macOS Tahoe 26.3 or later, tvOS 26.3 or later, visionOS 26.3 or later, and watchOS 26.3 or later.
  • Place devices in a network zone that does not provide privileged network access to potential attackers, or apply strict network segmentation to isolate them.
  • Enable and enforce secure transport protocols such as TLS for all network communications to reduce the impact if traffic is intercepted.

Generated by OpenCVE AI on April 16, 2026 at 01:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to intercept network traffic. A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to intercept network traffic.

Tue, 17 Feb 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
Apple iphone Os
Weaknesses CWE-77
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple ipados
Apple iphone Os

Thu, 12 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 3.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 12 Feb 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios And Ipados
Apple macos
Apple tvos
Apple visionos
Apple watchos
Vendors & Products Apple
Apple ios And Ipados
Apple macos
Apple tvos
Apple visionos
Apple watchos

Wed, 11 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Description A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to intercept network traffic.
References

Subscriptions

Apple Ios And Ipados Ipados Iphone Os Macos Tvos Visionos Watchos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:09:33.893Z

Reserved: 2025-11-11T14:43:07.866Z

Link: CVE-2026-20671

cve-icon Vulnrichment

Updated: 2026-02-12T16:16:57.131Z

cve-icon NVD

Status : Modified

Published: 2026-02-11T23:16:09.317

Modified: 2026-04-02T19:21:20.737

Link: CVE-2026-20671

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T01:15:20Z

Weaknesses