CVE-2025-30465
published 2025-03-31CVE-2025-30465: A permissions issue was addressed with improved validation. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sequoia 15.7.2, macOS Sonoma…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A permissions issue was addressed with improved validation. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sequoia 15.7.2, macOS Sonoma 14.7.5, macOS Sonoma 14.8.2, macOS Tahoe 26.1, macOS Ventura 13.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ipados | < 17.7.6 | 17.7.6 |
| apple | ipados | — | — |
| apple | macos | < 14.7.5 | 14.7.5 |
| apple | macos | < 14.8.2 | 14.8.2 |
| apple | macos | < 15.4 | 15.4 |
| apple | macos | < 15.7.2 | 15.7.2 |
| apple | macos | < 26.1 | 26.1 |
| apple | macos | < 13.7.5 | 13.7.5 |
| apple | macos | >= 14.0 < 14.7.5 | 14.7.5 |
| apple | macos | >= 15.0 < 15.4 | 15.4 |
| apple | macos_sequoia | — | — |
| apple | macos_sequoia | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_tahoe | — | — |
| apple | macos_ventura | — | — |
Apple
CVE-2025-30465: macOS Sequoia 15.7.2
vendor_apple·2025-11-03·CVSS 9.8
CVE-2025-30465 [CRITICAL] CVE-2025-30465: macOS Sequoia 15.7.2
Apple Security Update: About the security content of macOS Sequoia 15.7.2
Product: macOS Sequoia
Version: 15.7.2
CVE: CVE-2025-30465
Component: Shortcuts
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: A permissions issue was addressed with improved validation.
Apple
CVE-2025-30465: macOS Tahoe 26.1
vendor_apple·2025-11-03·CVSS 9.8
CVE-2025-30465 [CRITICAL] CVE-2025-30465: macOS Tahoe 26.1
Apple Security Update: About the security content of macOS Tahoe 26.1
Product: macOS Tahoe
Version: 26.1
CVE: CVE-2025-30465
Component: Shortcuts
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: A permissions issue was addressed with improved validation.
Apple
CVE-2025-30465: macOS Sonoma 14.8.2
vendor_apple·2025-11-03·CVSS 9.8
CVE-2025-30465 [CRITICAL] CVE-2025-30465: macOS Sonoma 14.8.2
Apple Security Update: About the security content of macOS Sonoma 14.8.2
Product: macOS Sonoma
Version: 14.8.2
CVE: CVE-2025-30465
Component: Shortcuts
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: A permissions issue was addressed with improved validation.
Apple
CVE-2025-30465: macOS Sonoma 14.7.5
vendor_apple·2025-03-31·CVSS 9.8
CVE-2025-30465 [CRITICAL] CVE-2025-30465: macOS Sonoma 14.7.5
Apple Security Update: About the security content of macOS Sonoma 14.7.5
Product: macOS Sonoma
Version: 14.7.5
CVE: CVE-2025-30465
Component: Shortcuts
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: A permissions issue was addressed with improved validation.
Apple
CVE-2025-30465: macOS Ventura 13.7.5
vendor_apple·2025-03-31·CVSS 9.8
CVE-2025-30465 [CRITICAL] CVE-2025-30465: macOS Ventura 13.7.5
Apple Security Update: About the security content of macOS Ventura 13.7.5
Product: macOS Ventura
Version: 13.7.5
CVE: CVE-2025-30465
Component: Shortcuts
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: A permissions issue was addressed with improved validation.
Apple
CVE-2025-30465: macOS Sequoia 15.4
vendor_apple·2025-03-31·CVSS 9.8
CVE-2025-30465 [CRITICAL] CVE-2025-30465: macOS Sequoia 15.4
Apple Security Update: About the security content of macOS Sequoia 15.4
Product: macOS Sequoia
Version: 15.4
CVE: CVE-2025-30465
Component: Shortcuts
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: A permissions issue was addressed with improved validation.
Apple
CVE-2025-30465: iPadOS 17.7.6
vendor_apple·2025-03-31·CVSS 9.8
CVE-2025-30465 [CRITICAL] CVE-2025-30465: iPadOS 17.7.6
Apple Security Update: About the security content of iPadOS 17.7.6
Product: iPadOS
Version: 17.7.6
CVE: CVE-2025-30465
Component: Shortcuts
Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app
Description: A permissions issue was addressed with improved validation.
GHSA
GHSA-m47h-9h3r-rqw8: A permissions issue was addressed with improved validation
ghsa_unreviewed·2025-04-01
CVE-2025-30465 [CRITICAL] CWE-276 GHSA-m47h-9h3r-rqw8: A permissions issue was addressed with improved validation
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.apple.com/en-us/122372https://support.apple.com/en-us/122373https://support.apple.com/en-us/122374https://support.apple.com/en-us/122375https://support.apple.com/en-us/125634https://support.apple.com/en-us/125635https://support.apple.com/en-us/125636http://seclists.org/fulldisclosure/2025/Apr/10http://seclists.org/fulldisclosure/2025/Apr/5http://seclists.org/fulldisclosure/2025/Apr/8http://seclists.org/fulldisclosure/2025/Apr/9
2025-03-31
Published