Description
An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to gain root privileges.
Published: 2026-05-11
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authorization flaw may allow a malicious application to gain root privileges on iOS, iPadOS, and macOS. The vulnerability stems from improper state management that fails to enforce correct privilege boundaries, described as a type of privilege escalation weakness. If an attacker can run or influence a vulnerable app, they can obtain full system control, enabling the installation of malware, the modification of sensitive data, and a compromise of overall system integrity.

Affected Systems

Apple iOS versions 18.7.9 and 26.5, iPadOS versions 18.7.9 and 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5 are affected. The issue is resolved in each of the stated releases and newer ones.

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity vulnerability. The EPSS score is below 1%, suggesting a very low likelihood of exploitation, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector appears to be the execution of a malicious or compromised application that exploits the flawed state handling to elevate privileges, though this inference is drawn from the description and is not explicitly detailed in the CVE data.

Generated by OpenCVE AI on May 12, 2026 at 15:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to iOS 18.7.9 or later, iPadOS 18.7.9 or later, or macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, or macOS Tahoe 26.5 or later, which contain the state‑management fix
  • Remove or update any third‑party applications that could exploit the bug, ensuring you apply the latest vendor patches for those apps
  • Restrict app installation and execution to trusted sources, enforce strong authentication, and monitor for unauthorized root‑level processes

Generated by OpenCVE AI on May 12, 2026 at 15:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
Apple iphone Os
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple ipados
Apple iphone Os

Tue, 12 May 2026 16:15:00 +0000

Type Values Removed Values Added
Title Authorization flaw allows root privilege escalation via improper state management

Tue, 12 May 2026 13:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-863
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 11 May 2026 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios And Ipados
Apple macos
Vendors & Products Apple
Apple ios And Ipados
Apple macos

Mon, 11 May 2026 20:45:00 +0000

Type Values Removed Values Added
Description An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to gain root privileges.
References

Subscriptions

Apple Ios And Ipados Ipados Iphone Os Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-05-13T03:57:41.974Z

Reserved: 2026-03-03T16:36:03.990Z

Link: CVE-2026-28951

cve-icon Vulnrichment

Updated: 2026-05-12T12:56:14.273Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-11T21:18:56.167

Modified: 2026-05-12T17:23:09.870

Link: CVE-2026-28951

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T16:00:13Z

Weaknesses