CVE-2026-20677
Analyzed Analyzed - Analysis Complete
Race Condition in Apple OS Symbolic Link Handling Enables Sandbox Bypass

Publication date: 2026-02-11

Last updated on: 2026-04-02

Assigner: Apple Inc.

Description
A race condition was addressed with improved handling of symbolic links. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. A shortcut may be able to bypass sandbox restrictions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-11
Last Modified
2026-04-02
Generated
2026-05-07
AI Q&A
2026-02-12
EPSS Evaluated
2026-05-05
NVD
CVE-2026-20677
EUVD
EUVD-2026-6233
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
apple visionos to 26.3 (exc)
apple ipados to 18.7.5 (exc)
apple ipados From 26.0 (inc) to 26.3 (exc)
apple iphone_os to 18.7.5 (exc)
apple iphone_os From 26.0 (inc) to 26.3 (exc)
apple macos to 14.8.4 (exc)
apple macos From 26.0 (inc) to 26.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-362 The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
CWE-367 The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a race condition related to the handling of symbolic links in certain Apple operating systems. Due to this issue, a shortcut (symbolic link) might be exploited to bypass sandbox restrictions, potentially allowing unauthorized access or actions.


How can this vulnerability impact me? :

The vulnerability could allow an attacker to bypass sandbox restrictions on affected Apple devices. This means that malicious shortcuts might enable unauthorized access to system resources or data that should be isolated, potentially compromising system security.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update your Apple devices to the fixed versions of the operating systems as soon as possible.

  • macOS Tahoe 26.3
  • macOS Sonoma 14.8.4
  • iOS 18.7.5 and iPadOS 18.7.5
  • visionOS 26.3
  • iOS 26.3 and iPadOS 26.3

Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart