HTTP Header Error Messaging Flaw in BLU-IC2 and BLU-IC4 by Azure Access
CVE-2025-12365

6.9MEDIUM

Key Information:

Vendor: Azure Access Technology
Status: Blu-ic2; Blu-ic4
Vendor: CVE Published:; 27 October 2025

🔔 Create Azure Access Technology Vulnerability Alert

What is CVE-2025-12365?

The identified vulnerability in BLU-IC2 and BLU-IC4 products manifests as error messages improperly wrapped in HTTP headers, which can potentially expose sensitive information. This flaw may allow attackers to gain insights into the underlying system, leading to further exploits. Users are advised to review and update their versions immediately to mitigate any risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

BLU-IC2 0 <= 1.19.5

BLU-IC4 0 <= 1.19.5

References

https://azure-access.com/security-advisories

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Oct 27, 2025
Vulnerability Reserved
Oct 27, 2025

Credit

Kevin Schaller

Benjamin Lafois

Alexi Bitsios

Sebastian Toscano

Dominik Schneider

JSON

Azure Access Technology