CVE-2025-30456
Published: 31 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-30456 is a parsing issue in the handling of directory paths that was addressed through improved path validation. The vulnerability affects Apple's iOS and iPadOS prior to version 18.4, as well as macOS Sequoia prior to 15.4, macOS Sonoma prior to 14.7.5, and macOS Ventura prior to 13.7.5. It is classified under CWE-281 and has a CVSS v3.1 base score of 7.8.
The vulnerability can be exploited by a local attacker with no privileges required, though it demands low complexity and user interaction. Successful exploitation allows an app to elevate privileges to root level, potentially granting high-impact confidentiality, integrity, and availability compromises within the unchanged scope.
Apple's security advisories detail the fixes in the specified OS updates, recommending users apply patches immediately to mitigate the issue. Relevant documentation is available at support.apple.com/en-us/122371, support.apple.com/en-us/122373, support.apple.com/en-us/122374, support.apple.com/en-us/122375, and seclists.org/fulldisclosure/2025/Apr/10.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes a local privilege escalation vulnerability via improper directory path parsing/validation, allowing an unprivileged app to gain root access; this directly maps to T1068 Exploitation for Privilege Escalation.