Cyber Resilience

CVE-2025-63216

CriticalPublic PoC

Published: 18 November 2025

Published
18 November 2025
Modified
15 January 2026
KEV Added
Patch
CVSS Score v3.1 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0016 37.3th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-63216 is a critical-severity Improper Authentication (CWE-287) vulnerability in Itel Idgateway Firmware. Its CVSS base score is 10.0 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 37.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-5 (Authenticator Management).

Deeper analysis

CVE-2025-63216, published on 2025-11-18, is an authentication bypass vulnerability in the Itel DAB Gateway running IDGat build c041640a. The flaw arises from improper JWT validation across devices, enabling attackers to reuse a valid JWT token obtained from one device to authenticate on others with the same firmware. Associated CWEs include CWE-287 (Improper Authentication) and CWE-384 (Session Fixation), earning a critical CVSS v3.1 base score of 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

Remote attackers require no privileges, user interaction, or special access to exploit this vulnerability over the network with low complexity. By capturing a JWT from any compromised or accessible device, they can authenticate with administrative privileges on any other device running the vulnerable firmware, even across different passwords and networks, resulting in full compromise including high confidentiality, integrity, and availability impacts.

References include a GitHub repository at https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63216_Itel%20DAB%20Gateway%20Authentication%20Bypass documenting the research and the vendor site at https://www.itel.it/. No specific mitigation or patch details are provided in the CVE description.

EU & UK References

Vulnerability details

The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device…

more

running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Authentication bypass vulnerability in a network-accessible gateway device via improper JWT validation enables remote unauthenticated exploitation of a public-facing application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-63224Same vendor: Itel
CVE-2025-63217Same vendor: Itel
CVE-2025-63529Shared CWE-384
CVE-2025-52689Shared CWE-384
CVE-2025-71279Shared CWE-287
CVE-2024-13804Shared CWE-287
CVE-2026-23796Shared CWE-384
CVE-2024-57046Shared CWE-287
CVE-2026-1203Shared CWE-287
CVE-2026-1740Shared CWE-287

Affected Assets

itel
idgateway firmware
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

SC-23 requires mechanisms to protect the authenticity of communications sessions, directly mitigating JWT token reuse and fixation across devices.

prevent

IA-5 mandates proper management, protection, and validation of authenticators including JWT tokens to prevent authentication bypass via reuse.

prevent

AC-3 enforces approved authorizations for access, countering the improper authentication that allows administrative access with reused tokens.

References