CVE-2026-20649
Improper Data Redaction in Apple OS Logging Exposes Sensitive Data
Publication date: 2026-02-11
Last updated on: 2026-04-02
Assigner: Apple Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ipados | to 26.3 (exc) |
| apple | iphone_os | to 26.3 (exc) |
| apple | macos | to 26.3 (exc) |
| apple | tvos | to 26.3 (exc) |
| apple | watchos | to 26.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-377 | Creating and using insecure temporary files can leave application and system data vulnerable to attack. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is related to a logging issue where sensitive user information could be exposed due to insufficient data redaction in logs.
The issue has been addressed by improving data redaction mechanisms in various Apple operating systems including watchOS, iOS, iPadOS, tvOS, and macOS Tahoe.
If unpatched, a user may be able to view sensitive information that should have been protected.
How can this vulnerability impact me?
This vulnerability can impact you by potentially exposing sensitive user information through logs that were not properly redacted.
If an attacker or unauthorized user gains access to these logs, they may be able to view confidential data that could lead to privacy breaches or further exploitation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your Apple devices to the fixed versions: watchOS 26.3, iOS 26.3, iPadOS 26.3, tvOS 26.3, or macOS Tahoe 26.3.