CVE-2025-30428 is a security vulnerability identified in Apple’s iOS and iPadOS operating systems that affects the Hidden Photos Album feature. The flaw stems from improper state management within the photo privacy controls, allowing unauthorized users to view photos stored in the Hidden Photos Album without passing the expected authentication checks. This means that an attacker with access to the device, or potentially through certain user interactions, can bypass the authentication barrier designed to protect sensitive images. The vulnerability was addressed and fixed in iOS 18.4, iPadOS 18.4, and iPadOS 17.7.6 through improved state management mechanisms. The CVSS v3.1 base score is 5.4, reflecting a medium severity level. The vector indicates the attack requires physical proximity (AV:P), low attack complexity (AC:L), no privileges (PR:N), user interaction (UI:R), and affects confidentiality highly (C:H), with limited impact on integrity (I:L) and availability (A:L). The weakness is categorized under CWE-305, which relates to insufficient authentication. No public exploits have been reported in the wild so far. This vulnerability primarily threatens the confidentiality of private photos, potentially exposing sensitive personal or corporate information stored in the Hidden Photos Album. The issue is particularly relevant for users who rely on this feature for privacy and security of their images.

The primary impact of CVE-2025-30428 is the unauthorized disclosure of sensitive images stored in the Hidden Photos Album on affected Apple devices. This breach of confidentiality can lead to privacy violations for individuals and potential exposure of sensitive corporate or personal data. While the integrity and availability of the device or data are minimally affected, the confidentiality breach can have significant reputational and personal consequences. For organizations, especially those in sectors like healthcare, finance, or legal services where sensitive images may be stored, this vulnerability could lead to data leakage and compliance issues. The requirement for user interaction and physical or close access limits remote exploitation but does not eliminate risk, especially in scenarios involving lost or stolen devices or social engineering attacks. The absence of known exploits in the wild reduces immediate risk but does not preclude future exploitation attempts. Overall, the vulnerability poses a moderate risk that necessitates timely patching to prevent unauthorized access to private images.

To mitigate CVE-2025-30428, organizations and users should promptly update affected devices to iOS 18.4, iPadOS 18.4, or iPadOS 17.7.6 or later versions where the vulnerability is fixed. Beyond patching, users should enable strong device-level security controls such as biometric authentication (Face ID or Touch ID) and strong passcodes to reduce the risk of unauthorized physical access. Organizations should enforce mobile device management (MDM) policies that mandate timely OS updates and restrict physical device access. Additionally, users should avoid storing highly sensitive images in the Hidden Photos Album if possible, or use third-party encrypted storage solutions with stronger access controls. Educating users about the risks of device loss or theft and the importance of locking devices can further reduce exposure. Monitoring for unusual access patterns or attempts to bypass authentication on devices can also help detect exploitation attempts. Finally, disabling features like USB accessories when the device is locked can limit attack vectors that require physical access.