High severity7.8NVD Advisory· Published Mar 31, 2025· Updated Apr 2, 2026
CVE-2025-30456
CVE-2025-30456
Description
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*range: <18.4
- (no CPE)range: <18.4
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*range: <13.7.5
- (no CPE)range: <15.4
- Range: <18.4
- Range: <14.7.5
- Range: <13.7.5
Patches
Vulnerability mechanics
References
8- support.apple.com/en-us/122371nvdRelease NotesVendor Advisory
- support.apple.com/en-us/122373nvdRelease NotesVendor Advisory
- support.apple.com/en-us/122374nvdRelease NotesVendor Advisory
- support.apple.com/en-us/122375nvdRelease NotesVendor Advisory
- seclists.org/fulldisclosure/2025/Apr/10nvd
- seclists.org/fulldisclosure/2025/Apr/4nvd
- seclists.org/fulldisclosure/2025/Apr/8nvd
- seclists.org/fulldisclosure/2025/Apr/9nvd
News mentions
0No linked articles in our index yet.