Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-30448

This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.6, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Ventura 13.7.6, macOS Sequoia 15.4. An attacker may be able to turn on sharing of an iCloud folder without authentication.

Published

2025-05-12T22:15:21.190

Last Modified

2025-05-27T13:57:52.663

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.1 (CRITICAL)

Weaknesses

Type: Secondary
CWE-862

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	apple	ipados	< 17.7.7	Yes
Operating System	apple	ipados	< 18.5	Yes
Operating System	apple	iphone_os	< 18.5	Yes
Operating System	apple	macos	< 13.7.6	Yes
Operating System	apple	macos	< 14.7.6	Yes
Operating System	apple	macos	< 15.4	Yes
Operating System	apple	visionos	< 2.5	Yes

References

https://support.apple.com/en-us/122373 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/122404 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/122405 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/122717 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/122718 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/122721 Release Notes, Vendor Advisory ([email protected])