9.8
CVE-2025-30465
- EPSS 0.99%
- Veröffentlicht 31.03.2025 23:15:27
- Zuletzt bearbeitet 02.04.2026 19:19:41
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
A permissions issue was addressed with improved validation. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sequoia 15.7.2, macOS Sonoma 14.7.5, macOS Sonoma 14.8.2, macOS Tahoe 26.1, macOS Ventura 13.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.99% | 0.583 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-276 Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
https://support.apple.com/en-us/122374
https://support.apple.com/en-us/122375
https://support.apple.com/en-us/122373
https://support.apple.com/en-us/122372
http://seclists.org/fulldisclosure/2025/Apr/8
http://seclists.org/fulldisclosure/2025/Apr/10
http://seclists.org/fulldisclosure/2025/Apr/5
http://seclists.org/fulldisclosure/2025/Apr/9
https://support.apple.com/en-us/125636
https://support.apple.com/en-us/125635
https://support.apple.com/en-us/125634