PT-2026-7798 · Apple · Tvos+8

George Karchemsky

Published

2026-02-11

Updated

2026-03-13

CVE-2026-20675

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS Tahoe versions 26.3 macOS Sonoma versions 14.8.4 macOS Sequoia version 15.7.4 watchOS versions 26.3 tvOS versions 26.3 iOS versions 18.7.5 and 26.3 iPadOS versions 18.7.5 and 26.3 visionOS version 26.3

Description Processing a maliciously crafted image may lead to disclosure of user information. The issue was addressed with improved bounds checks.

Recommendations Update to watchOS version 26.3. Update to tvOS version 26.3. Update to macOS Tahoe version 26.3. Update to macOS Sonoma version 14.8.4. Update to macOS Sequoia version 15.7.4. Update to iOS version 18.7.5. Update to iPadOS version 18.7.5. Update to visionOS version 26.3. Update to iOS version 26.3. Update to iPadOS version 26.3.

Fix

RCE

Out of bounds Read

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-77

Related Identifiers

BDU:2026-02316

CVE-2026-20675

ZDI-26-174

Affected Products

Apple Macos

Ios

Ipados

Macos Sequoia

Macos Sonoma

Macos Tahoe

Tvos

Visionos

Watchos

PT-2026-7798 · Apple · Tvos+8

CVE-2026-20675

Weakness Enumeration

Related Identifiers

Affected Products

References · 18