CVE-2026-28863

// Conceptual PoC for Device Fingerprinting via Permission Bypass // This code simulates an app accessing device info that should be restricted #import <Foundation/Foundation.h> #import <UIKit/UIKit.h> int main(int argc, char * argv[]) { @autoreleasepool { // Simulate accessing restricted device info NSString *deviceModel = [[UIDevice currentDevice] model]; NSString *systemVersion = [[UIDevice currentDevice] systemVersion]; // Hypothetical access to a restricted identifier or system feature // that was supposed to be blocked in older versions NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; NSDictionary *fingerprintData = @{ @"model": deviceModel, @"os": systemVersion, @"restricted_access": @"success" // Proof of bypass }; NSLog(@"Fingerprint Data: %@", fingerprintData); // In a real exploit, this data would be exfiltrated to a remote server } return 0; }

{"cve": {"id": "CVE-2026-28863", "sourceIdentifier": "[email protected]", "published": "2026-03-25T01:17:10.347", "lastModified": "2026-05-10T14:16:49.100", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to fingerprint the user."}, {"lang": "es", "value": "Se abordó un problema de permisos con restricciones adicionales. Este problema está solucionado en iOS 26.4 y iPadOS 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Una aplicación podría tomar la huella digital del usuario."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.4", "matchCriteriaId": "F813DB63-2B55-4E0B-9073-5465C65F69D6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.4", "matchCriteriaId": "01612D13-BE5B-43F8-B53E-5BF57F2A5B0C"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.4", "matchCriteriaId": "A906E2B7-B83B-4AD0-B00F-BEDEF2EDB844"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.4", "matchCriteriaId": "113B9705-BFF0-4357-B1AB-F57052F32361"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "versionEndExcluding": "26.4", "matchCriteriaId": "F6EAF0A5-7CFF-4EF6-9BC7-DB25B213F753"}]}]}], "references": [{"url": "https://support.apple.com/en-us/126792", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/126797", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/126798", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/126799", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}