CVE-2026-20700 - Vulnerability Details

- Memory Corruption Allows Arbitrary Code Execution on Apple Operating Systems

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.

Published: 2026-02-11

Score: 7.8 High

EPSS: < 1% Very Low

KEV: Yes

Impact:

Action:

Analysis

Impact

A memory corruption flaw allows an attacker with memory write capabilities to run code of their choice. The vulnerability is tied to improper state handling and can be triggered by writing to memory buffers, leading to execution of arbitrary instructions. This poses a severe threat to confidentiality, integrity, and system availability, permitting full compromise of the affected device.

Affected Systems

Apple iOS, iPadOS, macOS, tvOS, visionOS, and watchOS are impacted. All releases before version 26.3 of each operating system are vulnerable, including iOS 26.2 and earlier, iPadOS 26.2 and earlier, macOS Tahoe 26.2 and earlier, tvOS 26.2 and earlier, visionOS 26.2 and earlier, and watchOS 26.2 and earlier.

Risk and Exploitability

The CVSS score of 7.8 indicates a high‑severity vulnerability, and the EPSS score of less than 1% suggests a low to moderate probability of exploitation under typical conditions. Nonetheless, the vulnerability is listed in CISA’s KEV catalog and has a documented exploitation against targeted individuals in older iOS versions, implying a real-world threat. The likely attack vector requires memory write capability, which could be achieved via local privilege escalation, malicious applications, or a compromised kernel. Once exploited, the attacker can achieve arbitrary code execution with the privileges of the compromised process.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Apple

iOS and iPadOS

affected

Version	Status	Constraints
`0`	affected	< 26.3

Apple

macOS

affected

Version	Status	Constraints
`0`	affected	< 26.3

Apple

tvOS

affected

Version	Status	Constraints
`0`	affected	< 26.3

Apple

visionOS

affected

Version	Status	Constraints
`0`	affected	< 26.3

Apple

watchOS

affected

Version	Status	Constraints
`0`	affected	< 26.3

Configuration 1 [-]

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

No data.

Vendor Product Confidence Versions

Apple

Ios And Ipados

—

Version	Status	Scheme	Platform
`[0,26.3)`	affected	generic	—

Apple

Macos

—

Version	Status	Scheme	Platform
`[0,26.3)`	affected	generic	—

Apple

Tvos

—

Version	Status	Scheme	Platform
`[0,26.3)`	affected	generic	—

Apple

Visionos

—

Version	Status	Scheme	Platform
`[0,26.3)`	affected	generic	—

Apple

Watchos

—

Version	Status	Scheme	Platform
`[0,26.3)`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Install the latest operating system update (iOS 26.3, iPadOS 26.3, macOS 26.3, tvOS 26.3, visionOS 26.3, or watchOS 26.3) on all affected devices.
Reboot the device after installing the update to ensure the patch takes effect.
Continuously monitor system logs for signs of unauthorized code execution or memory corruption attempts, and investigate any anomalies promptly.

Generated by OpenCVE AI on April 15, 2026 at 20:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since Feb. 12, 2026.

The EPSS score is 0.00391.

Exploitation active

Automatable no

Technical Impact total

References

Link	Providers
https://support.apple.com/en-us/126346
https://support.apple.com/en-us/126348
https://support.apple.com/en-us/126351
https://support.apple.com/en-us/126352
https://support.apple.com/en-us/126353
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20700

History

Wed, 15 Apr 2026 21:15:00 +0000

Type	Values Removed	Values Added
Title		Memory Corruption Allows Arbitrary Code Execution on Apple Operating Systems

Wed, 25 Mar 2026 15:45:00 +0000

Type	Values Removed	Values Added
Description	A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.

Thu, 12 Feb 2026 19:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20700
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 12 Feb 2026 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple ipados Apple iphone Os
CPEs		cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:macos:::::::: cpe:2.3:o:apple:tvos:::::::: cpe:2.3:o:apple:visionos:::::::: cpe:2.3:o:apple:watchos::::::::
Vendors & Products		Apple ipados Apple iphone Os
Metrics		kev `{'dateAdded': '2026-02-12T00:00:00+00:00', 'dueDate': '2026-03-05T00:00:00+00:00'}`

Thu, 12 Feb 2026 15:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-119
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 12 Feb 2026 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple ios And Ipados Apple macos Apple tvos Apple visionos Apple watchos
Vendors & Products		Apple Apple ios And Ipados Apple macos Apple tvos Apple visionos Apple watchos

Wed, 11 Feb 2026 23:15:00 +0000

Type	Values Removed	Values Added
Description		A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.
References		https://support.apple.com/en-us/126346 https://support.apple.com/en-us/126348 https://support.apple.com/en-us/126351 https://support.apple.com/en-us/126352 https://support.apple.com/en-us/126353

Subscriptions

Apple Ios And Ipados Ipados Iphone Os Macos Tvos Visionos Watchos

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2026-02-11T22:58:54.448Z

Updated: 2026-04-02T18:23:25.647Z

Reserved: 2025-11-11T14:43:07.877Z

Link: CVE-2026-20700

Vulnrichment

Updated: 2026-02-12T14:22:57.029Z

NVD

Status : Analyzed

Published: 2026-02-11T23:16:10.670

Modified: 2026-03-25T17:39:37.227

Link: CVE-2026-20700

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T21:00:09Z

Weaknesses

CWE-119

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation active

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object