Vulnerability-Lookup

CNVD-2026-17911

Vulnerability from cnvd - Published: 2026-04-21

Title

多款Apple产品越界访问漏洞

Description

Apple iOS是一套为移动设备所开发的操作系统。Apple tvOS是一套智能电视操作系统。Apple iPadOS是一套用于iPad平板电脑的操作系统。多款Apple产品存在越界访问漏洞，攻击者可利用该漏洞在处理恶意媒体文件中的音频流时终止进程。

Severity

高

Patch Name

多款Apple产品越界访问漏洞的补丁

Patch Description

Apple iOS是一套为移动设备所开发的操作系统。Apple tvOS是一套智能电视操作系统。Apple iPadOS是一套用于iPad平板电脑的操作系统。多款Apple产品存在越界访问漏洞，攻击者可利用该漏洞在处理恶意媒体文件中的音频流时终止进程。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.apple.com/en-us/126792

Reference

https://support.apple.com/en-us/126792

Impacted products

Name
['Apple macOS Sonoma <14.8.5', 'Apple iPadOS <26.4', 'Apple macOS Tahoe <26.4', 'Apple iOS <26.4', 'Apple tvOS <26.4', 'Apple visionOS <26.4', 'Apple watchOS <26.4', 'Apple iOS <18.7.7', 'Apple iPadOS <18.7.7', 'Apple macOS Sequoia <15.7.5']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2026-20690",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2026-20690"
    }
  },
  "description": "Apple iOS\u662f\u4e00\u5957\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Apple tvOS\u662f\u4e00\u5957\u667a\u80fd\u7535\u89c6\u64cd\u4f5c\u7cfb\u7edf\u3002Apple iPadOS\u662f\u4e00\u5957\u7528\u4e8eiPad\u5e73\u677f\u7535\u8111\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\n\u591a\u6b3eApple\u4ea7\u54c1\u5b58\u5728\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5904\u7406\u6076\u610f\u5a92\u4f53\u6587\u4ef6\u4e2d\u7684\u97f3\u9891\u6d41\u65f6\u7ec8\u6b62\u8fdb\u7a0b\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.apple.com/en-us/126792",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-17911",
  "openTime": "2026-04-21",
  "patchDescription": "Apple iOS\u662f\u4e00\u5957\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Apple tvOS\u662f\u4e00\u5957\u667a\u80fd\u7535\u89c6\u64cd\u4f5c\u7cfb\u7edf\u3002Apple iPadOS\u662f\u4e00\u5957\u7528\u4e8eiPad\u5e73\u677f\u7535\u8111\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eApple\u4ea7\u54c1\u5b58\u5728\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5904\u7406\u6076\u610f\u5a92\u4f53\u6587\u4ef6\u4e2d\u7684\u97f3\u9891\u6d41\u65f6\u7ec8\u6b62\u8fdb\u7a0b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eApple\u4ea7\u54c1\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apple macOS Sonoma \u003c14.8.5",
      "Apple iPadOS \u003c26.4",
      "Apple macOS Tahoe \u003c26.4",
      "Apple iOS \u003c26.4",
      "Apple tvOS \u003c26.4",
      "Apple visionOS \u003c26.4",
      "Apple watchOS \u003c26.4",
      "Apple iOS \u003c18.7.7",
      "Apple iPadOS \u003c18.7.7",
      "Apple macOS Sequoia \u003c15.7.5"
    ]
  },
  "referenceLink": "https://support.apple.com/en-us/126792",
  "serverity": "\u9ad8",
  "submitTime": "2026-03-31",
  "title": "\u591a\u6b3eApple\u4ea7\u54c1\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e"
}

CVE-2026-20690 (GCVE-0-2026-20690)

Vulnerability from cvelistv5 – Published: 2026-03-25 00:32 – Updated: 2026-04-02 18:22

Summary

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing an audio stream in a maliciously crafted media file may terminate the process.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

Processing an audio stream in a maliciously crafted media file may terminate the process

Assigner

apple

References

URL

Tags

	https://support.apple.com/en-us/126792
	https://support.apple.com/en-us/126793
	https://support.apple.com/en-us/126794
	https://support.apple.com/en-us/126795
	https://support.apple.com/en-us/126796
	https://support.apple.com/en-us/126797
	https://support.apple.com/en-us/126798
	https://support.apple.com/en-us/126799

Impacted products

Vendor

Product

Version

Apple

iOS and iPadOS

Affected: 0 , < 18.7.7 (custom)
Affected: 0 , < 26.4 (custom)

Apple	macOS	Affected: 0 , < 14.8.5 (custom) Affected: 0 , < 15.7.5 (custom) Affected: 0 , < 26.4 (custom)
Apple	tvOS	Affected: 0 , < 26.4 (custom)
Apple	visionOS	Affected: 0 , < 26.4 (custom)
Apple	watchOS	Affected: 0 , < 26.4 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-20690",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-25T16:16:28.897241Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-25T16:16:56.263Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "18.7.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "26.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "14.8.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.7.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "26.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "26.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "visionOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "26.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "26.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing an audio stream in a maliciously crafted media file may terminate the process."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing an audio stream in a maliciously crafted media file may terminate the process",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-02T18:22:40.105Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/126792"
        },
        {
          "url": "https://support.apple.com/en-us/126793"
        },
        {
          "url": "https://support.apple.com/en-us/126794"
        },
        {
          "url": "https://support.apple.com/en-us/126795"
        },
        {
          "url": "https://support.apple.com/en-us/126796"
        },
        {
          "url": "https://support.apple.com/en-us/126797"
        },
        {
          "url": "https://support.apple.com/en-us/126798"
        },
        {
          "url": "https://support.apple.com/en-us/126799"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2026-20690",
    "datePublished": "2026-03-25T00:32:41.721Z",
    "dateReserved": "2025-11-11T14:43:07.876Z",
    "dateUpdated": "2026-04-02T18:22:40.105Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2026-17911

CVE-2026-20690 (GCVE-0-2026-20690)

Tags

Sightings

Nomenclature