CVE-2025-30445

Published: Apr 29, 2025Modified: Apr 2, 2026

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

Affected (8)

Products: Apple: Ipados, Iphone Os, Macos, Tvos, Visionos

5 products

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 17.7.6
Apple Ipados	From 18.0 to 18.4
Apple Iphone Os	Before 18.4
Apple Macos	Before 13.7.5
Apple Macos	From 14.0 to 14.7.5
Apple Macos	From 15.0 to 15.4
Apple Tvos	Before 18.4
Apple Visionos	Before 2.4

Related CWEs

Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

References (7)

https://support.apple.com/en-us/122371

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/122372

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/122373

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/122374

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/122375

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/122377

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/122378

Source: product-security@apple.com

Release NotesVendor Advisory

Timeline

No history available yet.