Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Azure Access Technology
Blu Ic2

Azure Access Technology BLU-IC2 Vulnerabilities: CVEs, CISA KEV & Security Advisories

Azure Access Technology

39 CVEs

Azure Access Technology BLU-IC2 Vulnerabilities

CVE security advisories and vulnerability history for BLU-IC2 by Azure Access Technology.

39

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

0

Public exploits

With known exploit

8.5

Avg CVSS

2025–2025

Last updated November 1, 2025

Overview

Azure Access Technology BLU-IC2 has 39 published CVE records since 2025, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 0 have a known public exploit. The average CVSS base score across scored CVEs is 8.5.

This page aggregates every publicly disclosed vulnerability (CVE) affecting Azure Access Technology BLU-IC2, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of Azure Access Technology BLU-IC2's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical27

High0

Medium8

Low4

In CISA’s Known Exploited Vulnerabilities catalog

0

None of Azure Access Technology BLU-IC2's CVEs are currently listed in CISA's KEV catalog.

Public exploits

0

No Azure Access Technology BLU-IC2 CVEs currently have a tracked public exploit.

Affected versions and CVEs

Browse every Azure Access Technology BLU-IC2 version named in a CVE, then pick one to see only the CVEs that affect it.

Fixed in

> 1.19.539 CVEs

Find a version

39 CVEs

Sort

/etc/timezone can be Arbitrarily Written
CVE-2025-12603
Patch
CWE-787
Low · CVSS 2.3
EPSS 0.1% (17th pct)2025-11-01
/etc/avahi/services/z9.service can be Arbitrarily Written
CVE-2025-12602
Patch
CWE-787
Low · CVSS 2.3
EPSS 0.1% (17th pct)2025-11-01
Denial of Service Due to SlowLoris
CVE-2025-12601
Patch
CWE-730
Critical · CVSS 10.0
EPSS 0.1% (30th pct)2025-11-01
Web UI Malfunction
CVE-2025-12600
Patch
CWE-730
Critical · CVSS 10.0
EPSS 0.1% (22th pct)2025-11-01
Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000)
CVE-2025-12599
Patch
CWE-321
Critical · CVSS 10.0
EPSS 0.1% (22th pct)2025-11-01
Missing Security Headers
CVE-2025-12554
Patch
CWE-693
Medium · CVSS 6.9
EPSS 0.1% (22th pct)2025-10-31
Server Certificate Verification Disabled
CVE-2025-12553
Patch
CWE-599
Critical · CVSS 10.0
EPSS 0.0% (15th pct)2025-10-31
Insufficient Password Policy
CVE-2025-12552
Patch
CWE-521
Medium · CVSS 6.9
EPSS 0.1% (22th pct)2025-10-31
Credits Page not Matching Versions in Use in the Firmware
CVE-2025-12517
Patch
CWE-448
Low · CVSS 2.1
EPSS 0.0% (8th pct)2025-10-30
Lack of Graceful Error Handling - HTTP 5xx Error
CVE-2025-12516
Patch
CWE-394
Critical · CVSS 10.0
EPSS 0.1% (22th pct)2025-10-30
Systemic Internal Server Errors - HTTP 500 Response
CVE-2025-12515
Patch
CWE-394
Critical · CVSS 10.0
EPSS 0.1% (22th pct)2025-10-30
Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation
CVE-2025-12479
Patch
CWE-352
Critical · CVSS 10.0
EPSS 0.0% (6th pct)2025-10-29
Non-Compliant TLS Configuration
CVE-2025-12478
Patch
CWE-326
Critical · CVSS 10.0
EPSS 0.0% (12th pct)2025-10-29
Server Version Disclosure
CVE-2025-12477
Patch
CWE-306
Critical · CVSS 10.0
EPSS 0.1% (21th pct)2025-10-29
Resource Lacking AuthN
CVE-2025-12476
Patch
CWE-306
Critical · CVSS 10.0
EPSS 0.1% (21th pct)2025-10-29
Local Privilege Escalation
CVE-2025-12425
Patch
CWE-269
Critical · CVSS 10.0
EPSS 0.0% (14th pct)2025-10-28
Privilege Escalation through SUID-bit Binary
CVE-2025-12424
Patch
CWE-269
Critical · CVSS 10.0
EPSS 0.1% (21th pct)2025-10-28
Denial of Service - Protocol Manipulation
CVE-2025-12423
Patch
CWE-248
Critical · CVSS 10.0
EPSS 0.0% (15th pct)2025-10-28
Vulnerable Upgrade Feature (Arbitrary File Write)
CVE-2025-12422
Patch
CWE-22
Critical · CVSS 10.0
EPSS 0.1% (34th pct)2025-10-28
Error Messages Wrapped In HTTP Header
CVE-2025-12365
Patch
CWE-209
Medium · CVSS 6.9
EPSS 0.0% (13th pct)2025-10-27
Weak Password Policy
CVE-2025-12364
Patch
CWE-521
Critical · CVSS 10.0
EPSS 0.1% (21th pct)2025-10-27
Email Password Disclosure
CVE-2025-12363
Patch
CWE-200
Critical · CVSS 10.0
EPSS 0.0% (15th pct)2025-10-27
Missing Initial Password Change
CVE-2025-12285
Patch
CWE-20
Critical · CVSS 10.0
EPSS 0.1% (28th pct)2025-10-26
Lack of Input Validation
CVE-2025-12284
Patch
CWE-20
Medium · CVSS 6.9
EPSS 0.0% (12th pct)2025-10-26
Mail Configuration File Manipulation + Command Execution
CVE-2025-12275
Patch
CWE-20
Critical · CVSS 10.0
EPSS 0.2% (43th pct)2025-10-26
Logout Functionality not Working
CVE-2025-12278
Patch
CWE-20
Medium · CVSS 6.9
EPSS 0.1% (19th pct)2025-10-26
CSRF Token not Properly Implemented
CVE-2025-12221
Patch
CWE-16
Low · CVSS 2.1
EPSS 0.0% (6th pct)2025-10-25
Busybox 1.31.1 - Multiple Known Vulnerabilities
CVE-2025-12220
Patch
CWE-1395
Critical · CVSS 10.0
EPSS 0.1% (22th pct)2025-10-25
Vulnerable Components in Azure Access OS
CVE-2025-12219
Patch
CWE-1395
Critical · CVSS 10.0
EPSS 0.1% (22th pct)2025-10-25
Weak Default Credentials
CVE-2025-12218
Patch
CWE-1392
Critical · CVSS 10.0
EPSS 0.0% (15th pct)2025-10-25

Showing 30 of 39

Common weakness types

The CWE weakness categories most often found in Azure Access Technology BLU-IC2 CVEs. Follow any weakness for its full explanation.

CWE-20Improper Input Validation5 CVEs
CWE-521Weak Password Requirements2 CVEs
CWE-269Improper Privilege Management2 CVEs
CWE-306Missing Authentication for Critical Function2 CVEs
CWE-1392Use of Default Credentials2 CVEs
CWE-1395Dependency on Vulnerable Third-Party Component2 CVEs
CWE-394Unexpected Status Code or Return Value2 CVEs
CWE-7302 CVEs

Other Azure Access Technology products

Browse vulnerabilities for other products by Azure Access Technology.

All Azure Access Technology vulnerabilities

Frequently asked questions

Common questions about Azure Access Technology BLU-IC2 vulnerabilities.

How many CVEs does Azure Access Technology BLU-IC2 have?

Azure Access Technology BLU-IC2 has 39 published CVE records since 2025.

How many Azure Access Technology BLU-IC2 CVEs are in CISA KEV?

None of Azure Access Technology BLU-IC2's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for Azure Access Technology BLU-IC2 vulnerabilities?

No Azure Access Technology BLU-IC2 CVEs currently have a tracked public exploit in this dataset.

Which versions of Azure Access Technology BLU-IC2 are affected?

1 distinct Azure Access Technology BLU-IC2 version is named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in Azure Access Technology BLU-IC2 CVEs?

Azure Access Technology BLU-IC2's CVEs most often map to these CWE weakness types: CWE-20 (Improper Input Validation), CWE-521 (Weak Password Requirements), CWE-269 (Improper Privilege Management), CWE-306 (Missing Authentication for Critical Function).

How many critical Azure Access Technology BLU-IC2 vulnerabilities are there?

Azure Access Technology BLU-IC2 has 27 critical and 0 high-severity CVEs.

What is the average severity of Azure Access Technology BLU-IC2 CVEs?

The average CVSS base score across Azure Access Technology BLU-IC2's scored CVEs is 8.5.

References

All Azure Access Technology vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track Azure Access Technology BLU-IC2 vulnerabilities

Monitor new Azure Access Technology BLU-IC2 vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Other products
FAQ
References