Firmware Version Discrepancy in BLU-IC2 and BLU-IC4 Products by Azure Access
CVE-2025-12517

2.1LOW

Key Information:

Vendor: Azure Access Technology
Status: Blu-ic2; Blu-ic4
Vendor: CVE Published:; 30 October 2025

🔔 Create Azure Access Technology Vulnerability Alert

What is CVE-2025-12517?

A vulnerability exists in Azure Access's BLU-IC2 and BLU-IC4 products due to a mismatch between the credits page and the actual firmware versions in use. This inconsistency can lead to confusion regarding the firmware capabilities and updates, potentially exposing users to unforeseen issues. The affected products include BLU-IC2 and BLU-IC4, both through version 1.19.5. Users are recommended to verify their firmware versions and consult security advisories for further mitigation strategies.

Affected Version(s)

BLU-IC2 0 <= 1.19.5

BLU-IC4 0 <= 1.19.5

References

https://azure-access.com/security-advisories

CVSS V4

Score:

2.1

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2025
Vulnerability Reserved
Oct 30, 2025

Credit

Kevin Schaller

Benjamin Lafois

Alexi Bitsios

Sebastian Toscano

Dominik Schneider

JSON