CVE-2025-30444
Published: 31 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-30444 is a race condition vulnerability (CWE-362) addressed through improved locking mechanisms in Apple's macOS operating system. It affects macOS Sequoia versions prior to 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. The issue arises in the component handling SMB network shares, where mounting a maliciously crafted SMB share can trigger the race condition.
With a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), the vulnerability enables remote exploitation over the network with low complexity, no required privileges, and no user interaction. An unauthenticated attacker can craft and host a malicious SMB share, leading a target system to mount it and suffer high-impact consequences, including system termination.
Apple's security advisories confirm the fix in macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, recommending immediate updates to mitigate the risk. Further technical details and potential proof-of-concept information appear in the referenced Apple support pages (https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, https://support.apple.com/en-us/122375) and Full Disclosure mailing list archives (http://seclists.org/fulldisclosure/2025/Apr/10, http://seclists.org/fulldisclosure/2025/Apr/8).
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The race condition in macOS SMB share handling allows remote unauthenticated exploitation via a malicious SMB share, directly resulting in system termination (high availability impact) through application/system exploitation.