CVE-2025-30438

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-30438
This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to dismiss the system notification on the Lock Screen that a recording was started.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.apple.com/en-us/122371 Vendor Advisory Release Notes
https://support.apple.com/en-us/122373 Vendor Advisory Release Notes
https://support.apple.com/en-us/122374 Vendor Advisory Release Notes
https://support.apple.com/en-us/122375 Vendor Advisory Release Notes
https://support.apple.com/en-us/122377 Vendor Advisory Release Notes
https://support.apple.com/en-us/122378 Vendor Advisory Release Notes
https://support.apple.com/en-us/122376 Vendor Advisory Release Notes
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
History

26 Sep 2025, 16:28

Type Values Removed Values Added
References () https://support.apple.com/en-us/122371 - Vendor Advisory () https://support.apple.com/en-us/122371 - Vendor Advisory, Release Notes
References () https://support.apple.com/en-us/122373 - Vendor Advisory () https://support.apple.com/en-us/122373 - Vendor Advisory, Release Notes
References () https://support.apple.com/en-us/122374 - Vendor Advisory () https://support.apple.com/en-us/122374 - Vendor Advisory, Release Notes
References () https://support.apple.com/en-us/122375 - Vendor Advisory () https://support.apple.com/en-us/122375 - Vendor Advisory, Release Notes
References () https://support.apple.com/en-us/122377 - Vendor Advisory () https://support.apple.com/en-us/122377 - Vendor Advisory, Release Notes
References () https://support.apple.com/en-us/122378 - Vendor Advisory () https://support.apple.com/en-us/122378 - Vendor Advisory, Release Notes
References () https://support.apple.com/en-us/122376 - () https://support.apple.com/en-us/122376 - Vendor Advisory, Release Notes

28 Aug 2025, 18:15

Type Values Removed Values Added
References
  • () https://support.apple.com/en-us/122376 -

26 Aug 2025, 13:00

Type Values Removed Values Added
CPE cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
First Time Apple watchos

07 Apr 2025, 13:33

Type Values Removed Values Added
CPE cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
First Time Apple visionos
Apple macos
Apple iphone Os
Apple tvos
Apple
Apple ipados
References () https://support.apple.com/en-us/122371 - () https://support.apple.com/en-us/122371 - Vendor Advisory
References () https://support.apple.com/en-us/122373 - () https://support.apple.com/en-us/122373 - Vendor Advisory
References () https://support.apple.com/en-us/122374 - () https://support.apple.com/en-us/122374 - Vendor Advisory
References () https://support.apple.com/en-us/122375 - () https://support.apple.com/en-us/122375 - Vendor Advisory
References () https://support.apple.com/en-us/122377 - () https://support.apple.com/en-us/122377 - Vendor Advisory
References () https://support.apple.com/en-us/122378 - () https://support.apple.com/en-us/122378 - Vendor Advisory

02 Apr 2025, 16:17

Type Values Removed Values Added
Summary
  • (es) Este problema se solucionó mejorando las restricciones de acceso. Este problema está corregido en visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 y iPadOS 18.4, macOS Sequoia 15.4 y macOS Sonoma 14.7.5. Una aplicación maliciosa podría ignorar la notificación del sistema en la pantalla de bloqueo que indica el inicio de una grabación.
CWE CWE-284
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5

31 Mar 2025, 23:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-03-31 23:15

Updated : 2025-09-26 16:28

NVD link : CVE-2025-30438

Mitre link : CVE-2025-30438

CVE.ORG link : CVE-2025-30438

JSON object : View

Products Affected

apple

  • iphone_os
  • visionos
  • ipados
  • macos
  • tvos
  • watchos
CWE
CWE-284

Improper Access Control