CVE-2025-31267

Summary

An authentication issue was addressed with improved state management. This issue is fixed in App Store Connect 3.0. An attacker with physical access to an unlocked device may be able to view sensitive user information.

Affected Software

VendorProductVersion RangeStatus
AppleApp Store Connect0 < 3.0affected

Weaknesses

  • An attacker with physical access to an unlocked device may be able to view sensitive user information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References