{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-30422", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-03-22T00:04:43.714Z", "datePublished": "2025-04-30T20:48:15.738Z", "dateUpdated": "2026-04-02T18:14:32.762Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An attacker on the local network may cause an unexpected app termination"}]}], "affected": [{"vendor": "Apple", "product": "AirPlay audio SDK", "versions": [{"version": "0", "status": "affected", "lessThan": "2.7.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "AirPlay video SDK", "versions": [{"version": "0", "status": "affected", "lessThan": "2.7.1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination."}], "references": [{"url": "https://support.apple.com/en-us/122403"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:14:32.762Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-05-01T13:09:38.751434Z", "id": "CVE-2025-30422", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-01T13:09:41.671Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-30422", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-01T13:09:38.751434Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-01T13:09:18.766Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "AirPlay audio SDK", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "2.7.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "AirPlay video SDK", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "3.6.0.126", "versionType": "custom"}]}, {"vendor": "Apple", "product": "CarPlay Communication Plug-in", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "R18.1", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/122403"}], "descriptions": [{"lang": "en", "value": "A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An attacker on the local network may cause an unexpected app termination"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-04-30T20:48:15.738Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30422", "state": "PUBLISHED", "dateUpdated": "2025-05-01T13:09:41.671Z", "dateReserved": "2025-03-22T00:04:43.714Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-04-30T20:48:15.738Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:airplay_audio_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BEE19EA-7BD5-441D-8C25-F2529C5AF5A5", "versionEndExcluding": "2.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:airplay_video_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFAC8539-73DB-4545-A221-21F5E24B9AF8", "versionEndExcluding": "3.6.0.126", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:carplay_communication_plug-in:*:*:*:*:*:*:*:*", "matchCriteriaId": "00E0D29A-8A73-4E08-9937-6574886D872D", "versionEndExcluding": "r18.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination."}, {"lang": "es", "value": "Se solucion\u00f3 un desbordamiento de b\u00fafer mejorando la validaci\u00f3n de entrada. Este problema se solucion\u00f3 en el SDK de audio de AirPlay 2.7.1, el SDK de v\u00eddeo de AirPlay 3.6.0.126 y el complemento de comunicaci\u00f3n de CarPlay R18.1. Un atacante en la red local podr\u00eda provocar el cierre inesperado de la aplicaci\u00f3n."}], "id": "CVE-2025-30422", "lastModified": "2026-04-02T19:19:33.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-04-30T21:15:54.700", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/122403"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}