CVE-2025-12553
CRITICALDescription
Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| azure-access | blu-ic2_firmware |
| azure-access | blu-ic2 |
| azure-access | blu-ic4_firmware |
| azure-access | blu-ic4 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-12553? +
How severe is CVE-2025-12553? +
What products are affected by CVE-2025-12553? +
How do I check if I'm vulnerable to CVE-2025-12553? +
Related Vulnerabilities
An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in …
A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function.
Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component.
goframe v2.7.2 is configured to skip TLS certificate verification, possibly allowing attackers to execute a man-in-the-middle attack via the gclient …
GOG Galaxy 2.0.0.2 suffers from Missing SSL Certificate Validation. An attacker who controls the local network, DNS, or a proxy …
D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This …