Apple iOS iPadOS Schwachstelle ermöglicht Offenlegung von Informationen CVSS 5.1
Summary
CERT-Bund issued security advisory WID-SEC-2026-1244 disclosing a vulnerability in Apple iOS and iPadOS that allows an attacker to disclose information. Affected versions include iOS and iPadOS below 26.4.2 and below 18.7.8. The vulnerability has a CVSS Base Score of 5.1 (medium) and CVSS Temporal Score of 4.5 (medium); remote attack is not possible. Organizations running affected Apple mobile devices should verify their OS versions and apply available updates.
“Ein Angreifer kann eine Schwachstelle in Apple iOS und Apple iPadOS ausnutzen, um Informationen offenzulegen.”
About this source
CERT-Bund is the German federal cybersecurity agency's incident response team, run by the BSI. Their advisory feed publishes vulnerability disclosures and active exploitation warnings for software in widespread enterprise use: VPN appliances, email servers, file transfer products, ERP systems, browsers, hypervisors. Around 280 advisories a month, each with a CVSS score, affected versions, and remediation guidance. The advisories are written in German but cover the same vulnerabilities that show up in CISA, NCSC-UK, and JPCERT bulletins, often hours earlier. Watch this if you patch enterprise software, run a SOC, or write detection rules. GovPing publishes each advisory with the affected vendor, CVSS score, and original CERT-Bund link.
What changed
CERT-Bund published security advisory WID-SEC-2026-1244 disclosing an information disclosure vulnerability in Apple iOS and iPadOS. The vulnerability affects iOS versions below 26.4.2 and 18.7.8, and iPadOS versions below 26.4.2 and 18.7.8, with a CVSS Base Score of 5.1 (medium). Remote attack is not possible and a mitigation is available.
Organizations managing Apple mobile devices should inventory affected iPhones, iPads, and iPod Touch devices, verify current OS versions against the affected ranges, and apply available updates or mitigations to close the information disclosure vulnerability.
Archived snapshot
Apr 23, 2026GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.
[WID-SEC-2026-1244] Apple iOS und iPadOS: Schwachstelle ermöglicht Offenlegung von Informationen CVSS Base Score 5.1 (mittel) CVSS Temporal Score 4.5 (mittel) Remoteangriff nein Datum 22.04.2026 Stand 23.04.2026 Mitigation ja
Betroffene Systeme
Betriebssystem
- iPhoneOS
Produktbeschreibung
Das Apple iOS (vormals iPhone OS) ist das Betriebssystem für das von Apple entwickelte Smartphone iPhone, iPad und iPod Touch.
Das Apple iPadOS ist das Betriebssystem für das von Apple entwickelte iPad.
Produkte
22.04.2026
- Apple iOS <26.4.2
Apple iOS <18.7.8
Apple iPadOS <18.7.8
Apple iPadOS <26.4.2
Angriff
Angriff
Ein Angreifer kann eine Schwachstelle in Apple iOS und Apple iPadOS ausnutzen, um Informationen offenzulegen. CVE Informationen Versionshistorie Feedback zum Advisory geben
Related changes
Get daily alerts for CERT-Bund Security Advisories
Daily digest delivered to your inbox.
Free. Unsubscribe anytime.
Source
About this page
Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission
Source document text, dates, docket IDs, and authority are extracted directly from CERT-Bund.
The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.
Classification
Who this affects
Taxonomy
Browse Categories
Get alerts for this source
We'll email you when CERT-Bund Security Advisories publishes new changes.
Subscribed!
Optional. Filters your digest to exactly the updates that matter to you.