Address Bar Spoofing Vulnerability in Safari and Apple Devices
CVE-2025-30467

Currently unrated

Key Information:

Vendor
Apple
Status
iOS And iPad OS
Mac OS
Safari
Vendor
CVE Published:
31 March 2025

Summary

A security issue in Safari and various Apple operating systems allows attackers to conduct address bar spoofing via malicious websites. This vulnerability could mislead users into believing they are interacting with legitimate websites, exposing them to potential phishing attacks. Apple has addressed this issue by implementing improved checks in recent updates for Safari and its other operating systems, including iOS, iPadOS, and macOS Sequoia.

Affected Version(s)

iOS and iPadOS < 18.4

macOS < 15.4

Safari < 18.4

References

https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122373
https://support.apple.com/en-us/122379

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.