CVE-2025-30448: 
macOS vulnerability analysis and mitigation

CVE-2025-30448 is a security vulnerability discovered in Apple's iCloud Document Sharing functionality that was disclosed on May 12, 2025. The vulnerability affects multiple Apple operating systems including macOS Sonoma 14.7.6, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Ventura 13.7.6, and macOS Sequoia 15.4. The issue allows an attacker to turn on sharing of an iCloud folder without proper authentication (Apple Support, NVD).

The vulnerability stems from insufficient entitlement checks in the iCloud Document Sharing system. The issue was assigned a CVSS v3.1 Base Score of 9.1 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H. The vulnerability is classified under CWE-862 (Missing Authorization) (NVD).

The vulnerability allows an unauthorized attacker to enable sharing of an iCloud folder without proper authentication, potentially exposing sensitive user data stored in iCloud folders (Apple Support, Apple Support).

Apple has addressed this vulnerability by implementing additional entitlement checks in the affected operating systems. The fix is available in macOS Sonoma 14.7.6, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Ventura 13.7.6, and macOS Sequoia 15.4. Users are advised to update their devices to these versions (Apple Support, Apple Support).