CVE-2025-31267
CVE-2025-31267
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.6EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
10 jul 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An authentication issue was addressed with improved state management. This issue is fixed in App Store Connect 3.0. An attacker with physical access to an unlocked device may be able to view sensitive user information.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Productos afectados
Apple · App Store ConnectReferencias
https://support.apple.com/en-us/123356