CVE-2026-20611
Description
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Risk Information
Base Score
7.1
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
0.012
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.8.4 (Software Update)(Auto Reboot) | Mac |
| Multiple vulnerabilities are fixed in Mac OS Sequoia 15.7.4 (Software Update) (Auto Reboot) | Mac |
| Multiple vulnerabilities are fixed in macOS Tahoe 26.3 (Software Update) (Auto Reboot) | Mac |
| Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.8.4 (Software Update)(Auto Reboot)(Deployment-Only) | Mac |
| Multiple vulnerabilities are fixed in Mac OS Sequoia 15.7.4 (Software Update) (Auto Reboot)(Deployment-Only) | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-613564 | Mac OS - Sonoma 14.8.4 (Software Update)(Auto Reboot)(Deployment-Only) |
| PATCH-613563 | Mac OS Sequoia 15.7.4 (Software Update) (Auto Reboot)(Deployment-Only) |
| PATCH-613562 | macOS Tahoe 26.3 (Software Update) (Auto Reboot) |
| PATCH-613564 | Mac OS - Sonoma 14.8.4 (Software Update)(Auto Reboot)(Deployment-Only) |
| PATCH-613563 | Mac OS Sequoia 15.7.4 (Software Update) (Auto Reboot)(Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234