CVE-2026-20693
Medium
Low
Medium
High
Critical
4.9
CVSS Score
Vulnerability Description
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An attacker with root privileges may be able to delete protected system files.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Attack Vector
N
Attack Complexity
L
Privileges Required
H
User Interaction
N
Scope
U
Confidentiality
N
Integrity
H
Availability
N
Known Affected Software
40 configuration(s) from 1 vendor(s)
macos
Version:
15.4
CPE:
cpe:2.3:o:apple:macos:15.4:*:*:*:*:*:*:*
macos
Version:
14.3
CPE:
cpe:2.3:o:apple:macos:14.3:*:*:*:*:*:*:*
macos
Version:
14.4
CPE:
cpe:2.3:o:apple:macos:14.4:*:*:*:*:*:*:*
macos
Version:
15.0
CPE:
cpe:2.3:o:apple:macos:15.0:*:*:*:*:*:*:*
macos
Version:
15.6
CPE:
cpe:2.3:o:apple:macos:15.6:*:*:*:*:*:*:*
macos
Version:
14.7.6
CPE:
cpe:2.3:o:apple:macos:14.7.6:*:*:*:*:*:*:*
macos
Version:
14.4.1
CPE:
cpe:2.3:o:apple:macos:14.4.1:*:*:*:*:*:*:*
macos
Version:
14.7.3
CPE:
cpe:2.3:o:apple:macos:14.7.3:*:*:*:*:*:*:*
macos
Version:
14.1
CPE:
cpe:2.3:o:apple:macos:14.1:*:*:*:*:*:*:*
macos
Version:
15.1.1
CPE:
cpe:2.3:o:apple:macos:15.1.1:*:*:*:*:*:*:*
macos
Version:
14.1.1
CPE:
cpe:2.3:o:apple:macos:14.1.1:*:*:*:*:*:*:*
macos
Version:
14.7.2
CPE:
cpe:2.3:o:apple:macos:14.7.2:*:*:*:*:*:*:*
macos
Version:
14.2.1
CPE:
cpe:2.3:o:apple:macos:14.2.1:*:*:*:*:*:*:*
macos
Version:
14.7.8
CPE:
cpe:2.3:o:apple:macos:14.7.8:*:*:*:*:*:*:*
macos
Version:
15.5
CPE:
cpe:2.3:o:apple:macos:15.5:*:*:*:*:*:*:*
macos
Version:
15.7
CPE:
cpe:2.3:o:apple:macos:15.7:*:*:*:*:*:*:*
macos
Version:
14.8.1
CPE:
cpe:2.3:o:apple:macos:14.8.1:*:*:*:*:*:*:*
macos
Version:
15.3.2
CPE:
cpe:2.3:o:apple:macos:15.3.2:*:*:*:*:*:*:*
macos
Version:
14.6
CPE:
cpe:2.3:o:apple:macos:14.6:*:*:*:*:*:*:*
macos
Version:
14.8
CPE:
cpe:2.3:o:apple:macos:14.8:*:*:*:*:*:*:*
macos
Version:
15.6.1
CPE:
cpe:2.3:o:apple:macos:15.6.1:*:*:*:*:*:*:*
macos
Version:
26.0.0
CPE:
cpe:2.3:o:apple:macos:26.0.0:*:*:*:*:*:*:*
macos
Version:
14.8.2
CPE:
cpe:2.3:o:apple:macos:14.8.2:*:*:*:*:*:*:*
macos
Version:
14.7.5
CPE:
cpe:2.3:o:apple:macos:14.7.5:*:*:*:*:*:*:*
macos
Version:
15.2
CPE:
cpe:2.3:o:apple:macos:15.2:*:*:*:*:*:*:*
macos
Version:
15.7.2
CPE:
cpe:2.3:o:apple:macos:15.7.2:*:*:*:*:*:*:*
macos
Version:
14.5
CPE:
cpe:2.3:o:apple:macos:14.5:*:*:*:*:*:*:*
macos
Version:
15.3.1
CPE:
cpe:2.3:o:apple:macos:15.3.1:*:*:*:*:*:*:*
macos
Version:
14.2
CPE:
cpe:2.3:o:apple:macos:14.2:*:*:*:*:*:*:*
macos
Version:
14.7.1
CPE:
cpe:2.3:o:apple:macos:14.7.1:*:*:*:*:*:*:*
macos
Version:
15.4.1
CPE:
cpe:2.3:o:apple:macos:15.4.1:*:*:*:*:*:*:*
macos
Version:
15.1
CPE:
cpe:2.3:o:apple:macos:15.1:*:*:*:*:*:*:*
macos
Version:
15.7.1
CPE:
cpe:2.3:o:apple:macos:15.7.1:*:*:*:*:*:*:*
macos
Version:
14.1.2
CPE:
cpe:2.3:o:apple:macos:14.1.2:*:*:*:*:*:*:*
macos
Version:
14.7
CPE:
cpe:2.3:o:apple:macos:14.7:*:*:*:*:*:*:*
macos
Version:
15.3
CPE:
cpe:2.3:o:apple:macos:15.3:*:*:*:*:*:*:*
macos
Version:
26.0
CPE:
cpe:2.3:o:apple:macos:26.0:*:*:*:*:*:*:*
macos
Version:
14.7.7
CPE:
cpe:2.3:o:apple:macos:14.7.7:*:*:*:*:*:*:*
macos
Version:
14.0
CPE:
cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*
macos
Version:
14.7.4
CPE:
cpe:2.3:o:apple:macos:14.7.4:*:*:*:*:*:*:*
This vulnerability affects 40 software configuration(s). Ensure you patch all affected systems.
References & Resources
Severity Details
4.9
out of 10.0
Medium
Weakness Type (CWE)
CWE-732
Incorrect Permission Assignment for Critical Resource
- Description
- The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
- Exploit Likelihood
- High
- Typical Severity
- High
- Abstraction Level
- Class
Key Information
- Published Date
- March 25, 2026
