← back
CVE-2025-12424

Privilege Escalation through SUID-bit Binary

CVSS 10 CRITICALEPSS 0.3%CWE-269
In short

A system file with special permissions (SUID-bit) allows attackers to run commands with elevated privileges without proper authorization. This is critical because it gives attackers full control over the affected system.

Technical detail

A SUID-bit binary in BLU-IC2 and BLU-IC4 (versions ≤1.19.5) fails to properly validate user permissions (CWE-269), enabling local privilege escalation. An unprivileged attacker can execute arbitrary commands with root-level privileges by exploiting this misconfigured binary.

Summary generated and translated by AI from the official description.
Privilege Escalation through SUID-bit Binary.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
Azure Access Technology · BLU-IC2Azure Access Technology · BLU-IC4

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://azure-access.com/security-advisories