Authorization Issue in macOS Products by Apple
CVE-2026-20662

4.6MEDIUM

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 11 February 2026

What is CVE-2026-20662?

An authorization vulnerability has been identified in Apple’s macOS products, impacting users with locked devices. If an attacker has physical access, they may exploit this flaw to access sensitive user information. Apple has addressed this issue in the updates provided for macOS Sequoia 15.7.4 and macOS Tahoe 26.3, enhancing state management to mitigate the risk of unauthorized data exposure.

Affected Version(s)

macOS 0 < 15.7.4

macOS 0 < 26.3

References

https://support.apple.com/en-us/126348

https://support.apple.com/en-us/126349

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2026
Vulnerability Reserved
Nov 11, 2025

CVE-2026-20662 Data

JSON