Skip to main content

Apple CVE-2026-20684

| EUVDEUVD-2026-15056 LOW
Improper Access Control (CWE-284)
2026-03-25 apple GHSA-8j6h-jv9f-2r4r
3.3
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.3 LOW
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
26.4
EUVD ID Assigned
Mar 25, 2026 - 01:00 euvd
EUVD-2026-15056
Analysis Generated
Mar 25, 2026 - 01:00 vuln.today
CVE Published
Mar 25, 2026 - 00:31 nvd
LOW 3.3

DescriptionCVE.org

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.4. An app may bypass Gatekeeper checks.

AnalysisAI

A permissions validation flaw in macOS Tahoe allows applications to circumvent Gatekeeper security checks, potentially enabling execution of untrusted or malicious code that would normally be blocked by Apple's code signing and notarization mechanisms. This vulnerability affects macOS Tahoe versions prior to 26.4 and is fixed in the 26.4 release. An attacker with the ability to distribute a specially crafted application could bypass endpoint security controls designed to protect users from unsigned or malicious software.

Technical ContextAI

Gatekeeper is macOS's foundational security mechanism that validates code signatures and notarization status before allowing application execution. This vulnerability represents a weakness in the permission validation logic within Gatekeeper's enforcement layer, allowing applications to bypass these checks through insufficient access control validation. The issue is classified as a permissions/authorization bypass vulnerability affecting the core macOS operating system (CPE: cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*). Rather than a specific CWE being disclosed, the root cause appears to be improper input validation or authorization checks in the Gatekeeper subsystem's permission enforcement mechanism.

RemediationAI

Immediately upgrade to macOS Tahoe 26.4 or later to remediate this vulnerability. Users should navigate to System Settings > General > Software Update and install all available updates. Organizations should prioritize deployment of this patch across all macOS Tahoe systems given the critical nature of Gatekeeper bypass. Until patching is completed, enforce application execution policies through third-party endpoint detection and response solutions and restrict administrative privileges to limit the scope of compromise if a malicious application is executed.

Share

CVE-2026-20684 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy