Physical Access Vulnerability in VisionOS and iOS Devices by Apple
CVE-2025-30439

4.6MEDIUM

Key Information:

Vendor: Apple
Status: iOS And iPad OS; Mac OS; Visionos
Vendor: CVE Published:; 31 March 2025

Summary

A vulnerability exists within Apple’s visionOS and iOS platforms, which, if exploited by an attacker with physical access to a locked device, could allow unauthorized viewing of sensitive user information. This issue highlights critical risks associated with device security and the need for improved physical access controls. Apple has addressed the issue in the latest updates, including visionOS 2.4 and iOS 18.4, to enhance checks against unauthorized data access.

Affected Version(s)

iOS and iPadOS < 18.4

macOS < 15.4

visionOS < 2.4

References

https://support.apple.com/en-us/122371

https://support.apple.com/en-us/122373

https://support.apple.com/en-us/122378

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Mar 22, 2025