CVE-2025-30457

CVE-2025-30457 is a symlink validation vulnerability (CWE-59: Improper Link Resolution before Boundaries Checking) affecting macOS systems. It allows a malicious app to create symlinks pointing to protected regions of the disk, bypassing intended access controls. The issue has been addressed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5 through improved symlink validation. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with high impacts on confidentiality, integrity, and availability.

A remote attacker with no privileges or user interaction can exploit this flaw by delivering a malicious app to the target system. Once executed, the app can create symlinks to restricted disk areas, potentially enabling unauthorized read, write, or deletion of sensitive data in protected locations, such as system files or user directories.

Apple security advisories detail the fix via enhanced symlink checks and recommend updating to the patched versions (macOS Sequoia 15.4, Sonoma 14.7.5, or Ventura 13.7.5) as the primary mitigation. Additional details are available in the referenced support bulletins at https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, and https://support.apple.com/en-us/122375, along with full disclosure postings on seclists.org.