← back
CVE-2026-20655

CVE-2026-20655

CVSS 5.5 MEDIUMEPSS 0.1%CWE-287
An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
Apple · iOS and iPadOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.apple.com/en-us/126346https://support.apple.com/en-us/126347