PT-2026-27597 · Apple · Macos Sequoia+6

Rosyna Keller

Publicado

2026-03-24

Atualizado

2026-05-11

CVE-2026-28877

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.4 iPadOS versions prior to 26.4 macOS Sequoia versions prior to 15.7.5 macOS Tahoe versions prior to 26.4 visionOS versions prior to 26.4 watchOS versions prior to 26.4

Description An authorization issue existed due to improved state management, potentially allowing an application to access sensitive user data. The issue involved leaking the real, user-set device name without requiring the proper entitlement.

Recommendations Update iOS to version 26.4. Update iPadOS to version 26.4. Update macOS Sequoia to version 15.7.5. Update macOS Tahoe to version 26.4. Update visionOS to version 26.4. Update watchOS to version 26.4.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2026-28877

Produtos afetados

Apple Macos

Ios

Ipados

Macos Sequoia

Macos Tahoe

Visionos

Watchos

PT-2026-27597 · Apple · Macos Sequoia+6

CVE-2026-28877

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11