CVE-2025-12218
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-25
Last updated on: 2025-11-10
Assigner: azure-access
Description
Description
Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| azure-access | blu-ic2_firmware | to 1.20 (exc) |
| azure-access | blu-ic2 | * |
| azure-access | blu-ic4_firmware | to 1.20 (exc) |
| azure-access | blu-ic4 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1392 | The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is due to weak default credentials in BLU-IC2 and BLU-IC4 devices up to version 1.19.5. It means that the devices come with default usernames and passwords that are easily guessable or widely known, allowing unauthorized users to gain access.
How can this vulnerability impact me? :
An attacker can exploit the weak default credentials to gain unauthorized access to the affected devices remotely, potentially leading to full control over the device and its data, causing severe security breaches.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70