CVE-2025-12284

🗓️ 26 Oct 2025 16:21:56Reported by azure-accessType

Lack of input validation in the web UI may allow exploitation in Blue IC Two and Blue IC Four through version 1.19.5.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-12284	26 Oct 202516:48	–	circl
CNNVD	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞	26 Oct 202500:00	–	cnnvd
CNVD	Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Cross-Site Scripting Vulnerabilities	31 Oct 202500:00	–	cnvd
Cvelist	CVE-2025-12284 Lack of Input Validation	26 Oct 202516:21	–	cvelist
EUVD	EUVD-2025-35945	26 Oct 202518:30	–	euvd
NVD	CVE-2025-12284	26 Oct 202517:15	–	nvd
OSV	CVE-2025-12284	26 Oct 202517:15	–	osv
Positive Technologies	PT-2025-43754	26 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-12284	27 Oct 202516:34	–	redhatcve
Vulnrichment	CVE-2025-12284 Lack of Input Validation	26 Oct 202516:21	–	vulnrichment

NVD

Node

azure-access blu-ic2_firmwareRange<1.20

AND

azure-access blu-ic2

Node

azure-access blu-ic4_firmwareRange<1.20

AND

azure-access blu-ic4

[
  {
    "defaultStatus": "unaffected",
    "product": "BLU-IC2",
    "vendor": "Azure Access Technology",
    "versions": [
      {
        "lessThanOrEqual": "1.19.5",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "BLU-IC4",
    "vendor": "Azure Access Technology",
    "versions": [
      {
        "lessThanOrEqual": "1.19.5",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
azure-access	www.azure-access.com/security-advisories

10 Nov 2025 14:57Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.1

CVSS 46.9

EPSS0.00038

SSVC