{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-30468", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-03-22T00:04:43.723Z", "datePublished": "2025-09-15T22:34:29.977Z", "dateUpdated": "2026-04-02T18:09:50.145Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "Private Browsing tabs may be accessed without authentication"}]}], "affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in iOS 26 and iPadOS 26. Private Browsing tabs may be accessed without authentication."}], "references": [{"url": "https://support.apple.com/en-us/125108"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:09:50.145Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-1390", "lang": "en", "description": "CWE-1390 Weak Authentication"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-09-16T17:38:11.411217Z", "id": "CVE-2025-30468", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-16T17:39:24.363Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Sep/49"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T18:09:01.875Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Sep/49"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T18:09:01.875Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-30468", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-16T17:38:11.411217Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1390", "description": "CWE-1390 Weak Authentication"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-16T17:32:47.778Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/125108"}], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in iOS 26 and iPadOS 26. Private Browsing tabs may be accessed without authentication."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Private Browsing tabs may be accessed without authentication"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-11-04T01:15:36.032Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30468", "state": "PUBLISHED", "dateUpdated": "2025-11-04T01:15:36.032Z", "dateReserved": "2025-03-22T00:04:43.723Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-09-15T22:34:29.977Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4221CFD-0208-42B8-AACA-1BE6AEC3BA9A", "versionEndExcluding": "26.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "68DCA17A-424E-4EE3-B005-0F2E42407226", "versionEndExcluding": "26.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in iOS 26 and iPadOS 26. Private Browsing tabs may be accessed without authentication."}], "id": "CVE-2025-30468", "lastModified": "2025-11-03T19:15:49.837", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-09-15T23:15:29.587", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125108"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Sep/49"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1390"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T00:17:30.413241+00:00", "value": {"mitigation_remediation": ["Upgrade the device to iOS\u202f26 or iPadOS\u202f26, which contains the state\u2011management fix.", "Disable the Private Browsing feature on affected devices using device configuration profiles or the Settings app to prevent unused mitigated functionality.", "Enable automatic system updates or schedule regular manual updates to ensure devices receive future security patches promptly."], "summary": {"action": "Patch Now", "impact": "Unauthorized Access to Private Browsing Tabs"}, "threat_synthesis": {"affected_systems": "Apple iOS and iPadOS devices running versions prior to iOS\u202f26 and iPadOS\u202f26 are impacted. This includes all iPhone models with iOS earlier than 26 and all iPad models with iPadOS earlier than 26 that have the Private Browsing feature enabled.", "description_and_impact": "Improper state management in iOS and iPadOS allows private browsing tabs to be accessed without authentication, potentially exposing session data, browsing history, and other sensitive information to any user who can view the tab. The weakness is classified as CWE\u20111390 and represents a privacy\u2011confidentiality breach rather than a remote code execution flaw.", "risk_and_exploitability": "The CVSS score of 6.5 indicates moderate severity, while the EPSS score of less than 1\u202f% shows a very low likelihood of exploitation at this time. The vulnerability is not listed in CISA\u2019s KEV catalog. The likely attack vector is local, as the flaw permits any user with physical or local access to the device to open a private browsing tab and read its content without authentication. No remote or network\u2011based exploitation is described in the available data."}}}}, "created": "2025-09-17T10:06:38.380556+00:00", "title": "Unauthorized Access to Private Browsing Tabs via Improper State Management", "updated": "2026-04-28T00:30:15.453770+00:00", "vendors": ["apple", "apple$PRODUCT$ios", "apple$PRODUCT$ipados"]}