Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-31267

An authentication issue was addressed with improved state management. This issue is fixed in App Store Connect 3.0. An attacker with physical access to an unlocked device may be able to view sensitive user information.

Published

2025-07-10T23:15:27.800

Last Modified

2025-07-29T18:08:30.433

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.6 (MEDIUM)

Weaknesses

Type: Secondary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apple	app_store_connect	< 3.0	Yes

References

https://support.apple.com/en-us/123356 Vendor Advisory ([email protected])