A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to gain root privileges.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Apple
  • Ios And Ipados
  • Macos
  • Tvos
  • Visionos
  • Watchos

No data.

No data.

References
Link Providers
https://support.apple.com/en-us/126346 cve-icon cve-icon
https://support.apple.com/en-us/126348 cve-icon cve-icon
https://support.apple.com/en-us/126350 cve-icon cve-icon
https://support.apple.com/en-us/126351 cve-icon cve-icon
https://support.apple.com/en-us/126352 cve-icon cve-icon
https://support.apple.com/en-us/126353 cve-icon cve-icon
History

Thu, 12 Feb 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios And Ipados
Apple macos
Apple tvos
Apple visionos
Apple watchos
Vendors & Products Apple
Apple ios And Ipados
Apple macos
Apple tvos
Apple visionos
Apple watchos

Wed, 11 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Description A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to gain root privileges.
References
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2026-02-11T22:58:21.907Z

Updated: 2026-02-11T22:58:21.907Z

Reserved: 2025-11-11T14:43:07.859Z

Link: CVE-2026-20617

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-02-11T23:16:05.263

Modified: 2026-02-12T15:10:37.307

Link: CVE-2026-20617

cve-icon Redhat

No data.