Description
A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox.
Published: 2026-03-25
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Sandbox escape
Action: Immediate Patch
AI Analysis

Impact

Apple reports a path handling issue that allows an application to escape its sandbox. The vulnerability is a form of path traversal (CWE‑22) that, if exploited, enables an app to access files or resources outside its authorized scope, potentially granting elevated privileges or access to sensitive data. The issue was addressed by improved validation in newer releases of Apple operating systems.

Affected Systems

The flaw affects Apple iOS, iPadOS, macOS, and visionOS. Versions prior to iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, and visionOS 26.4 are vulnerable.

Risk and Exploitability

The CVSS score of 9.3 indicates a critical-severity condition. The EPSS score of less than 1% suggests low exploitation probability, and the flaw is not listed in the CISA KEV catalog. The attack vector is inferred to be local; an attacker would need to trick a user into running a malicious application or otherwise supply a crafted path to bypass the sandbox.

Generated by OpenCVE AI on March 26, 2026 at 18:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest available OS updates: iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, and visionOS 26.4


Advisories

No advisories yet.

History

Fri, 27 Mar 2026 09:30:00 +0000

Type Values Removed Values Added
Title: Apple Platforms: Path Traversal Allows App Sandbox Escape

Thu, 26 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
First Time appeared:
  Apple ipados
  Apple iphone Os
CPEs:
  cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
  cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
  cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
  cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Vendors & Products:
  Apple ipados
  Apple iphone Os

Thu, 26 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses: CWE-22
Metrics:
  cvssV3_1: {'score': 9.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}
  ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Title: Path Handling Flaw Enabling Sandbox Escape on Apple Operating Systems
Weaknesses:
  CWE-20
  CWE-22

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title: Path Handling Flaw Enabling Sandbox Escape on Apple Operating Systems
Weaknesses:
  CWE-20
  CWE-22

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared:
  Apple
  Apple ios And Ipados
  Apple macos
  Apple visionos
Vendors & Products:
  Apple
  Apple ios And Ipados
  Apple macos
  Apple visionos

Wed, 25 Mar 2026 01:00:00 +0000

Type Values Removed Values Added
Description: A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:09:01.742Z

Reserved: 2025-11-11T14:43:07.873Z

Link: CVE-2026-20688

Vulnrichment

Updated: 2026-03-26T14:44:31.247Z

NVD

Status: Analyzed

Published: 2026-03-25T01:17:05.690

Modified: 2026-03-26T17:10:45.890

Link: CVE-2026-20688

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T09:20:18Z

Weaknesses