CVE-2026-20700_CVE-2026-20700

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.

Basic Information

ID CVE-2026-20700

Source apple

Published Feb 11, 2026 at 22:58

Modified Feb 12, 2026 at 14:25

Affected Product

Vendor Apple

Product macOS

Version unspecified

Affected Versions Apple macOS unspecified
Apple watchOS unspecified
Apple visionOS unspecified
Apple iOS and iPadOS unspecified
Apple tvOS unspecified

CWE Classification

CWE-119

References

{
    "lastseen": "",
    "description": "A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.",
    "published": "2026-02-11T22:58:54.448Z",
    "modified": "2026-02-12T14:25:23.393Z",
    "type": "cve",
    "title": "CVE-2026-20700",
    "source": "apple",
    "references": "https://support.apple.com/en-us/126348\nhttps://support.apple.com/en-us/126352\nhttps://support.apple.com/en-us/126353\nhttps://support.apple.com/en-us/126346\nhttps://support.apple.com/en-us/126351",
    "id": "CVE-2026-20700",
    "bulletinFamily": "",
    "cwe": [
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Apple macOS unspecified\nApple watchOS unspecified\nApple visionOS unspecified\nApple iOS and iPadOS unspecified\nApple tvOS unspecified",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "macOS",
    "version": "unspecified",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}