CVE-2026-20640

{"id": "CVE-2026-20640", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.9}]}, "published": "2026-02-11T23:16:07.023", "references": [{"url": "https://support.apple.com/en-us/126346", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-703"}]}], "descriptions": [{"lang": "en", "value": "An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac."}, {"lang": "es", "value": "Un problema de interfaz de usuario inconsistente se abord\u00f3 con una gesti\u00f3n de estado mejorada. Este problema se corrigi\u00f3 en iOS 26.3 y iPadOS 26.3. Un atacante con acceso f\u00edsico al iPhone podr\u00eda tomar y ver capturas de pantalla de datos sensibles del iPhone durante la duplicaci\u00f3n de iPhone con Mac."}], "lastModified": "2026-02-17T13:30:27.347", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73ED2212-C513-4BE8-8EDB-40DF4323558E", "versionEndExcluding": "26.3"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEC63AFD-9C97-45CD-80CF-CC60DF064838", "versionEndExcluding": "26.3"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}