T
his issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6. Photos in the Hidden Photos Album may be viewed without authentication.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/122371 | Vendor Advisory |
| https://support.apple.com/en-us/122372 | Vendor Advisory |
| http://seclists.org/fulldisclosure/2025/Apr/4 | |
| http://seclists.org/fulldisclosure/2025/Apr/5 |
Configurations
Configuration 1 (hide)
|
History
03 Nov 2025, 22:18
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
07 Apr 2025, 14:00
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
|
| First Time |
Apple ipados
Apple Apple iphone Os |
|
| References | () https://support.apple.com/en-us/122371 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/122372 - Vendor Advisory |
03 Apr 2025, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
| CWE | CWE-305 | |
| Summary |
|
31 Mar 2025, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-31 23:15
Updated : 2025-11-03 22:18
NVD link : CVE-2025-30428
Mitre link : CVE-2025-30428
CVE.ORG link : CVE-2025-30428
JSON object : View
CWE
CWE-305
Authentication Bypass by Primary Weakness