← back
CVE-2025-12114

Serial Console Enabled

CVSS 5.2 MEDIUMEPSS 0.1%CWE-1191
In short

The serial console is left enabled on affected devices, potentially exposing sensitive information that attackers could use to discover other vulnerabilities in the system.

Technical detail

An enabled serial console (CWE-1191: Information Exposure Through Serialized Data) allows unauthenticated access to debug output and system information via serial interface, facilitating reconnaissance for further exploitation. This affects BLU-IC2 and BLU-IC4 firmware versions up to 1.19.5.

Summary generated and translated by AI from the official description.
Enabled serial console could potentially leak information that might help attacker to find vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H
Affected products
Azure Access Technology · BLU-IC2Azure Access Technology · BLU-IC4

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://azure-access.com/security-advisories