CVE-2025-36057

Summary

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22

is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.

Affected Software

VendorProductVersion RangeStatus
IBMCognos Analytics Mobile1.1.0 <= 1.1.22affected

Weaknesses

  • CWE-299: CWE-299 Authentication Bypass Using an Alternate Path or Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References