Apple has addressed CVE-2026-20700, a dyld vulnerability enabling arbitrary code execution, exploited alongside two other flaws in highly targeted operations. Users should immediately update affected devices.
Apple has released emergency security updates to patch a critical zero-day vulnerability exploited in what the company describes as "extremely sophisticated" attacks against specific individuals. The flaw, tracked as CVE-2026-20700, affects dyld (the Dynamic Link Editor), a core component across Apple's operating systems including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS.
According to Apple's security bulletin, attackers with memory write capabilities could exploit this vulnerability to execute arbitrary code on compromised devices. Google's Threat Analysis Group discovered the flaw and reported it to Apple. The company confirmed this vulnerability was exploited alongside two previously patched flaws (CVE-2025-14174 and CVE-2025-43529) in coordinated operations against targeted victims.
"An attacker with memory write capability may be able to execute arbitrary code," Apple stated in its advisory. While technical details of the exploitation remain undisclosed, the company emphasized the attacks were highly targeted rather than broad-based campaigns.
Affected devices include:
- iPhone 11 and later
- iPad Pro 12.9-inch (3rd generation and later)
- iPad Pro 11-inch (1st generation and later)
- iPad Air (3rd generation and later)
- iPad (8th generation and later)
- iPad mini (5th generation and later)
- Macs running macOS Tahoe
The patches are included in:
- iOS 18.7.5
- iPadOS 18.7.5
- macOS Tahoe 26.3
- tvOS 26.3
- watchOS 26.3
- visionOS 26.3
Security experts emphasize that while these attacks were narrowly targeted, the same vulnerability could be weaponized more broadly if left unpatched. "Sophisticated attacks often serve as early warning systems," notes security researcher Kyla Pearce from the SANS Institute. "What starts as targeted exploitation frequently evolves into widespread threats once vulnerabilities become public. Immediate patching removes this attack vector before it can be mass-exploited."
Practical steps for users:
- Navigate to Settings > General > Software Update on iOS/iPadOS devices
- For Macs, go to System Settings > General > Software Update
- Enable automatic updates for continuous protection
- Verify successful installation of the specified version numbers
This marks Apple's first zero-day patch for 2026, following seven such vulnerabilities addressed in 2025. The rapid succession of patches underscores the increasing value of Apple device exploits in targeted operations. Users should prioritize these updates regardless of perceived risk level, as the technical barrier for exploitation typically decreases over time.
Comments
Please log in or register to join the discussion