Ethical Hacking News
Apple has patched a decade-old zero-day vulnerability affecting every version of iOS since 1.0, which was allegedly used in an "extremely sophisticated attack" against targeted individuals. The patch addresses CVE-2026-20700, a vulnerability that allows attackers with memory write capability to execute arbitrary code.
Apple has released a patch for a decade-old zero-day vulnerability (CVE-2026-20700) in iOS. The vulnerability affects every version of iOS since 1.0 and allows attackers to execute arbitrary code. This vulnerability was identified by Google's Threat Analysis Group and is considered "extremely sophisticated". It creates a "zero-click" or "one-click" path to total control, bypassing browser security checks. The vulnerability has been exploited in the wild, potentially as part of an exploit chain against targeted individuals.
Apple has recently released a patch for a decade-old zero-day vulnerability affecting every version of iOS since 1.0, which was allegedly used in an "extremely sophisticated attack" against targeted individuals. The vulnerability, identified as CVE-2026-20700, affects the dynamic linker dyld, allowing attackers with memory write capability to execute arbitrary code.
The discovery of this vulnerability was made by Google's Threat Analysis Group, who also referenced two other vulnerabilities discovered in December 2025 that carry high CVSS scores. These vulnerabilities include CVE-2025-14174, an out-of-bounds memory access flaw in Google Chrome's ANGLE graphics engine on Mac, and CVE-2025-43529, a use-after-free leading to code execution.
According to Brian Milbier, deputy CISO at Huntress, the dyld vulnerability allows attackers to trick Apple's dynamic linker into handing over a master key before security checks even begin. This level of sophistication is reminiscent of exploits developed by commercial surveillance companies that sell spyware tools like Pegasus and Predator to government clients.
Milbier further explained that this vulnerability creates a "zero-click" or "one-click" path to total control, where attackers can bypass the front gate (the browser) and exploit the doorman's flaw to take over the entire system. This level of sophistication is "in a different league" from other updates in the patch, which address minor issues such as data leakage from physical access.
Apple has acknowledged that this vulnerability was exploited in the wild and may have been part of an exploit chain. The company's advisory stated: "An attacker with memory write capability may be able to execute arbitrary code." Apple is now aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.
In addition to the dyld vulnerability, Apple has also released patches for various other bugs, including flaws that grant root access and disclose sensitive user information. However, it is worth noting that CVE-2026-20700 is the only one of these patches that was specifically mentioned as being exploited in the wild.
Related Information:
https://www.ethicalhackingnews.com/articles/Apple-Patches-Decade-Old-iOS-Zero-Day-Exploit-Used-by-Commercial-Spyware-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/02/12/apple_ios_263/
https://www.msn.com/en-us/news/technology/apple-patches-decade-old-ios-zero-day-possibly-exploited-by-commercial-spyware/ar-AA1Wd5yl
https://www.securityweek.com/apple-patches-ios-zero-day-exploited-in-extremely-sophisticated-attack/
https://nvd.nist.gov/vuln/detail/CVE-2025-14174
https://www.cvedetails.com/cve/CVE-2025-14174/
https://nvd.nist.gov/vuln/detail/CVE-2025-43529
https://www.cvedetails.com/cve/CVE-2025-43529/
https://nvd.nist.gov/vuln/detail/CVE-2026-20700
https://www.cvedetails.com/cve/CVE-2026-20700/
Published: Tue Feb 17 14:21:24 2026 by llama3.2 3B Q4_K_M
