CVE-2025-12104

Critical

Published: 23 October 2025

Published

23 October 2025

Modified

07 November 2025

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0035 57.5th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-12104 is a critical-severity Use of Unmaintained Third Party Components (CWE-1104) vulnerability in Azure-Access Blu-Ic2 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 42.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

preventdetect

Requires timely identification, reporting, and correction of software flaws, directly addressing vulnerabilities from outdated UI dependencies.

RA-5 Vulnerability Monitoring and Scanning good match

detect

Mandates continuous vulnerability scanning and monitoring to identify outdated and vulnerable UI dependencies prior to exploitation.

CM-8 System Component Inventory partial match

preventdetect

Maintains an inventory of system components including UI dependencies, enabling tracking and prioritization for updates.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The vulnerability allows remote attackers with network access (AV:N/AC:L/PR:N/UI:N) to achieve full system compromise via exploitation of outdated and vulnerable UI dependencies in a public-facing application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Deeper analysisAI

CVE-2025-12104, published on 2025-10-23, is a vulnerability stemming from outdated and vulnerable UI dependencies that might potentially lead to exploitation. It affects BLU-IC2 versions through 1.19.5 and BLU-IC4 versions through 1.19.5. The issue is classified under CWE-1104 and carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity.

Remote attackers require only network access to exploit this vulnerability, with low attack complexity, no privileges, and no user interaction needed. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, potentially allowing full system compromise.

Mitigation details are available in the security advisory at https://azure-access.com/security-advisories.

Details

CWE(s): CWE-1104

Affected Products

azure-access

blu-ic2 firmware

≤ 1.20

azure-access

blu-ic4 firmware

≤ 1.20

CVEs Like This One

CVE-2025-12275Same product: Azure-Access Blu-Ic2

CVE-2025-12422Same product: Azure-Access Blu-Ic2

CVE-2025-12285Same product: Azure-Access Blu-Ic2

CVE-2025-3497Shared CWE-1104

CVE-2025-10220Shared CWE-1104

CVE-2025-34192Shared CWE-1104

CVE-2026-41468Shared CWE-1104

CVE-2025-34193Shared CWE-1104

References

https://azure-access.com/security-advisories
Vendor Advisory · a0340c66-c385-4f8b-991b-3d05f6fd5220