{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20603", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-11-11T14:43:07.857Z", "datePublished": "2026-02-11T22:58:38.996Z", "dateUpdated": "2026-04-02T18:20:06.220Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app with root privileges may be able to access private information"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.3", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileges may be able to access private information."}], "references": [{"url": "https://support.apple.com/en-us/126348"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:20:06.220Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-02-18T14:34:49.100365Z", "id": "CVE-2026-20603", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T14:34:54.400Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-20603", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-18T14:34:49.100365Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T14:34:43.996Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.3", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/126348"}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileges may be able to access private information."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app with root privileges may be able to access private information"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-02-11T22:58:38.996Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20603", "state": "PUBLISHED", "dateUpdated": "2026-02-18T14:34:54.400Z", "dateReserved": "2025-11-11T14:43:07.857Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2026-02-11T22:58:38.996Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1EEEE88-5ADA-4C55-9C7C-397E904408DD", "versionEndExcluding": "26.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileges may be able to access private information."}], "id": "CVE-2026-20603", "lastModified": "2026-02-18T15:18:41.853", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-11T23:16:04.110", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/126348"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.3)"}}], "product": "macos", "vendor": "apple"}], "analysis": {"en": {"generated_at": "2026-04-16T00:53:50.130913+00:00", "value": {"mitigation_remediation": ["Upgrade macOS to version 26.3 or later, which contains the fix for the redaction issue.", "If an upgrade is not immediately feasible, restrict the use of root privileges for applications that handle sensitive information, ensuring they run with the least privilege necessary.", "Enforce least privilege by disabling the root account or limiting sudo usage, and implement monitoring to detect privileged process activity that accesses sensitive data."], "summary": {"action": "Apply patch", "impact": "Sensitive Information Disclosure"}, "threat_synthesis": {"affected_systems": "Apple\u2019s macOS is affected, specifically versions prior to the release of macOS Tahoe 26.3, which contains the necessary fix. Any build that does not include the 26.3 update may still expose private data to privileged applications.", "description_and_impact": "This vulnerability stems from insufficient redaction of sensitive data in macOS, which allows an application running with root privileges to read private information that should otherwise be protected. The flaw is a classic example of a weak access control (CWE\u2011284). The impact is the potential breach of confidentiality for user data residing on the system.", "risk_and_exploitability": "The CVSS score of 4.4 indicates low to moderate severity, and the EPSS score of less than 1% implies a very low probability of exploitation. This vulnerability is not currently listed in the CISA KEV catalog. The likely attack vector requires an attacker to obtain root privileges on the target machine; once achieved, the attacker could read data that should be confined to non\u2011privileged processes. The overall risk therefore is limited to environments where root access can be leveraged, but the potential exposure of sensitive information warrants timely remediation."}}}}, "created": "2026-02-12T09:02:33.564070+00:00", "title": "Improper Redaction Allows Root-Privileged Apps to Access Private Information in macOS", "updated": "2026-04-16T01:00:19.957616+00:00", "vendors": ["apple", "apple$PRODUCT$macos"]}