Apple watchOS
Moderate fix1 remedy
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*
Moderate fix1 remedy
Apple Icons Permission Vulnerability Allowing App Data Access
Vulnerability
Patched
A permissions vulnerability has been identified in the Icons component of various Apple operating systems, including watchOS 26.2, iOS 18.7.3, iPadOS 18.7.3, macOS Tahoe 26.2, visionOS 26.2, and tvOS 26.2. This vulnerability allows an app to determine which other apps a user has installed. The issue arises from insufficient restrictions on app permissions, which could potentially be exploited to access information about the user's app installations.
Impact
Exploitation of this vulnerability could lead to unauthorized identification of other installed apps on the user's device.
Remediation
Users can update to the latest version of watchOS, iOS, iPadOS, macOS Tahoe, visionOS, or tvOS to address this vulnerability. Instructions for updating can be found on the Apple Support website.
Added: Dec 17, 2025, 9:28 PM
Updated: Dec 17, 2025, 9:28 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
0.6exploitability
4.7remediation
7.7relevance
1.5threat
0.0urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.