Apple patches critical zero-day flaw exploited in sophisticated attacks
What's the story
Apple has released security updates to patch a critical zero-day vulnerability, CVE-2026-20700, that was exploited in highly sophisticated attacks against specific individuals. The flaw is an arbitrary code execution vulnerability in dyld, the Dynamic Link Editor used by all of Apple's operating systems including iOS, iPadOS, macOS, tvOS, watchOS and visionOS.
Risk assessment
Google Threat Analysis Group discovered the flaw
Apple's security bulletin warns that an attacker with memory write capability might be able to execute arbitrary code on affected devices. The company is aware of reports that this flaw, along with CVE-2025-14174 and CVE-2025-43529 flaws fixed in December, were exploited in the same incidents. Google Threat Analysis Group discovered CVE-2026-20700 and reported it to Apple.
Update release
Devices and software updates
The vulnerability affects a wide range of devices including iPhone 11 and later models, various generations of iPad Pro, iPad Air (3rd generation and later), iPad (8th generation and later), iPad mini (5th generation and later), as well as Mac devices running macOS Tahoe. Apple has fixed the flaw in its latest software updates: iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3 and visionOS 26.3 respectively.