Description
The issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4. An attacker with physical access to an iOS device with Stolen Device Protection enabled may be able to access biometrics-gated Protected Apps with the passcode.
Published: 2026-03-25
Score: 4.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized use of biometrics‑gated Protected Apps via physical access
Action: Apply Patch
AI Analysis

Impact

A flaw in the enforcement of Stolen Device Protection on iOS and iPadOS allows a physically present attacker to bypass the biometric requirement and unlock protected applications using only the device’s passcode. The weakness is a missing or improper access control (CWE‑284). The compromise permits unauthorized data access or manipulation within the protected app’s sandbox.

Affected Systems

The vulnerability affects Apple iOS and iPadOS devices running any version prior to 26.4. The issue has been fixed in both operating systems with the 26.4 release.

Risk and Exploitability

The CVSS base score of 4.6 indicates a moderate impact, while an EPSS score below 1% suggests a low probability of exploitation in the wild. The flaw is not listed in the CISA KEV catalog. Attackers would need physical proximity to the device and the Stolen Device Protection feature enabled to attempt this attack.

Generated by OpenCVE AI on March 26, 2026 at 20:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device to iOS 26.4 or iPadOS 26.4 to apply the vendor patch.
  • Verify that the operating system has been updated to the latest available security release.
  • If an update is not immediately possible, consider disabling Stolen Device Protection as a temporary measure, noting that this may reduce device security.

Generated by OpenCVE AI on March 26, 2026 at 20:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://support.apple.com/en-us/126792 cve-icon cve-icon
History

Fri, 27 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
Title Privilege Escalation via Physical Access to iOS Device with Stolen Device Protection

Thu, 26 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
Apple iphone Os
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Vendors & Products Apple ipados
Apple iphone Os

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Title Local Attack Enables Unauthorized Access to Biometric‑Gated Protected Apps
Weaknesses CWE-287

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title Local Attack Enables Unauthorized Access to Biometric‑Gated Protected Apps
Weaknesses CWE-287

Wed, 25 Mar 2026 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284
Metrics cvssV3_1

{'score': 4.6, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios And Ipados
Vendors & Products Apple
Apple ios And Ipados

Wed, 25 Mar 2026 01:00:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4. An attacker with physical access to an iOS device with Stolen Device Protection enabled may be able to access biometrics-gated Protected Apps with the passcode.
References

Subscriptions

Apple Ios And Ipados Ipados Iphone Os
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:16:49.698Z

Reserved: 2026-03-03T16:36:03.981Z

Link: CVE-2026-28895

cve-icon Vulnrichment

Updated: 2026-03-25T20:21:03.352Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-25T01:17:12.973

Modified: 2026-03-26T18:58:05.020

Link: CVE-2026-28895

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:53:45Z

Weaknesses