CVE-2025-1969

Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM. Upgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process

• https://aws.amazon.com/security/security-bulletins/AWS-2025-004/
• https://github.com/aws-samples/iam-identity-center-team/releases/tag/v1.2.2
• https://github.com/aws-samples/iam-identity-center-team/security/advisories/GHSA-x9xv-r58p-qh86