Primary

Context

Apple Core Services Path Handling Vulnerability Granting Root Privileges

Vulnerability

Patched

A path handling vulnerability in the Core Services component of multiple Apple operating systems, including iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, and visionOS 26.3, allows an application to gain root privileges. This issue was addressed with improved validation. The vulnerability arises from improper path handling, which could be exploited to escalate privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized root access on the affected device.

Added: Feb 12, 2026, 12:18 AM

Updated: Feb 12, 2026, 12:18 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

3.3

remediation

7.7

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

3.3

remediation

7.7

relevance

2.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple Core Services Path Handling Vulnerability Granting Root Privileges

Vulnerability

Impact

Affected Products

Apple iPadOS

Apple macOS Tahoe

Apple visionOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating