CVE-2025-12602
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-01
Last updated on: 2025-11-07
Assigner: azure-access
Description
Description
/etc/avahi/services/z9.service can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| azure-access | blu-ic2_firmware | to 1.20 (exc) |
| azure-access | blu-ic2 | * |
| azure-access | blu-ic4_firmware | to 1.20 (exc) |
| azure-access | blu-ic4 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows arbitrary writing to the file /etc/avahi/services/z9.service in affected versions of BLU-IC2 and BLU-IC4 up to version 1.19.5. This means an attacker with certain privileges could modify this file in an unauthorized way.
How can this vulnerability impact me? :
The impact of this vulnerability is that an attacker could potentially alter the /etc/avahi/services/z9.service file, which may lead to unauthorized changes in service configurations or behavior. However, the CVSS score is low (2.3), indicating limited impact or exploitability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70