CVE-2025-12114
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-23

Last updated on: 2025-11-10

Assigner: azure-access

Description
Enabled serial console could potentially leak information that might help attacker to find vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-23
Last Modified
2025-11-10
Generated
2026-06-16
AI Q&A
2025-10-23
EPSS Evaluated
2026-06-14
NVD
CVE-2025-12114
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
azure-access blu-ic2_firmware to 1.20 (exc)
azure-access blu-ic2 *
azure-access blu-ic4_firmware to 1.20 (exc)
azure-access blu-ic4 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1191 The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves an enabled serial console that could potentially leak information. This leaked information might help an attacker identify other vulnerabilities in the affected devices, specifically BLU-IC2 and BLU-IC4 models through version 1.19.5.

Impact Analysis

The vulnerability could allow an attacker to gain information through the serial console that may assist in finding further weaknesses in the system. This could lead to increased risk of unauthorized access or exploitation of the affected devices.

Mitigation Strategies

To mitigate this vulnerability, you should disable the enabled serial console on affected devices (BLU-IC2 and BLU-IC4 through version 1.19.5) to prevent potential information leakage. Additionally, apply any available firmware or software patches provided by the vendor as soon as they are released. Refer to the security advisories and guidelines published by Azure Access Technology for detailed mitigation steps and secure system setup recommendations. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12114. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart