Unauthorized iCloud Folder Sharing in Apple Products
CVE-2025-30448

Currently unrated

Key Information:

Vendor

Apple
Status
iPad OS
iOS And iPad OS
Mac OS
Visionos
Vendor
CVE Published:
12 May 2025

What is CVE-2025-30448?

A security flaw in Apple's iCloud service allows attackers to enable sharing of iCloud folders without proper authentication, potentially compromising user privacy and data security. Apple has addressed this vulnerability in several product updates, enhancing entitlement checks to prevent unauthorized access.

Affected Version(s)

iOS and iPadOS < 18.5

iPadOS < 17.7

macOS < 14.7

References

https://support.apple.com/en-us/122405
https://support.apple.com/en-us/122404
https://support.apple.com/en-us/122717

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-30448 : Unauthorized iCloud Folder Sharing in Apple Products