Primary

Context

Apple Multi-Touch Framework Memory Corruption Vulnerability Leading to Process Crash

Vulnerability

Patched

A memory corruption vulnerability has been identified in the Multi-Touch framework of multiple Apple operating systems, including watchOS, iOS, iPadOS, macOS Tahoe, visionOS, and tvOS, all version 26.2. This vulnerability allows a malicious Human Interface Device (HID) to cause an unexpected crash of the affected process. The issue arises from inadequate input validation, which creates opportunities for memory corruption.

Impact

Exploitation of this vulnerability can lead to a process crash, causing a denial-of-service condition on the affected device.

Remediation

Users can update to the latest version of watchOS, iOS, iPadOS, macOS Tahoe, visionOS, or tvOS to address this vulnerability. Instructions for updating can be found on the Apple Support website.

Added: Dec 17, 2025, 9:34 PM

Updated: Dec 17, 2025, 10:31 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.3

remediation

7.7

relevance

1.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

3.3

remediation

7.7

relevance

1.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple Multi-Touch Framework Memory Corruption Vulnerability Leading to Process Crash

Vulnerability

Impact

Remediation

Affected Products

Apple watchOS

Apple iPadOS

Apple macOS Tahoe

Apple tvOS

Apple visionOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating