Description
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
Published: 2025-03-31
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation to Root
Action: Immediate Patch
AI Analysis

Impact

An application on Apple devices can exploit a parsing flaw in the handling of directory paths. The vulnerability, classified as CWE‑281, allows an app to bypass normal access controls and obtain root privileges if it can influence how the OS processes a constructed path. The flaw was specifically addressed in iOS 18.4/iPadOS 18.4 and macOS Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5.

Affected Systems

Devices running affected releases of iOS, iPadOS, or macOS are vulnerable. This includes any iPhone, iPad, or macOS computer on versions of the operating system prior to the specified patch levels. The issue has been fixed in iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, so systems running those or later releases are not exposed.

Risk and Exploitability

The CVSS v3.1 score of 7.8 reflects moderate to high severity. The EPSS score is reported as less than 1 %, indicating that exploitation is unlikely to appear frequently in the wild, and the vulnerability is not currently included in the CISA KEV catalog. Nonetheless, because the flaw enables arbitrary elevation to root, the potential impact is critical. It is inferred that the attacker must supply a malicious directory path through an application that processes such paths; the exploit would be executed within the context of that application, possibly through a bundled or downloaded component. Because the vulnerability involves local path parsing, the likely attack vector involves a user‑installed application or script executing with elevated privileges on a device.

Generated by OpenCVE AI on April 28, 2026 at 19:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest iOS, iPadOS, or macOS releases that contain the fix (iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5).
  • For devices that cannot be updated immediately, restrict the installation of third‑party applications that manipulate file paths and monitor for abnormal path access, applying device‑management controls where available.
  • Enable System Integrity Protection on macOS and enforce sandboxing limits on iOS apps that handle path inputs, ensuring that any vulnerability in directory parsing cannot elevate privileges beyond sandbox boundaries.

Generated by OpenCVE AI on April 28, 2026 at 19:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-8903 A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges.
History

Tue, 28 Apr 2026 19:30:00 +0000

Type Values Removed Values Added
Title Directory Path Parsing Flaw Allowing Root Privilege Escalation on Apple Devices

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges. A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.

Mon, 03 Nov 2025 22:30:00 +0000

Type Values Removed Values Added
References

Fri, 04 Apr 2025 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple iphone Os
Apple macos
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple iphone Os
Apple macos

Thu, 03 Apr 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-281
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 31 Mar 2025 22:45:00 +0000

Type Values Removed Values Added
Description A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges.
References

Subscriptions

Apple Ipados Iphone Os Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:21:52.786Z

Reserved: 2025-03-22T00:04:43.720Z

Link: CVE-2025-30456

cve-icon Vulnrichment

Updated: 2025-11-03T21:15:42.475Z

cve-icon NVD

Status : Modified

Published: 2025-03-31T23:15:27.120

Modified: 2026-04-02T19:19:40.277

Link: CVE-2025-30456

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T19:15:25Z

Weaknesses