Arbitrary File Write Vulnerability in BLU-IC2 and BLU-IC4 by Azure Access
CVE-2025-12603

2.3LOW

Key Information:

Vendor

Azure Access Technology

Status
Blu-ic2
Blu-ic4
Vendor
CVE Published:
1 November 2025

What is CVE-2025-12603?

An arbitrary file write vulnerability exists in Azure Access's BLU-IC2 and BLU-IC4 products, specifically allowing unauthorized modifications to the /etc/timezone file. This can potentially disrupt system configurations and allow attackers to manipulate timezone settings, leading to unintended consequences and further exploitation. Users are advised to update to the latest versions to mitigate the risk associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

BLU-IC2 0 <= 1.19.5

BLU-IC4 0 <= 1.19.5

References

https://azure-access.com/security-advisories

CVSS V4

Score:
2.3
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Kevin Schaller
Benjamin Lafois
Alexi Bitsios
Sebastian Toscano
Dominik Schneider
JSON
.