← back
CVE-2025-12220

Busybox 1.31.1 - Multiple Known Vulnerabilities

CVSS 10 CRITICALEPSS 0.3%CWE-1395
In short

Busybox 1.31.1 contains multiple known security vulnerabilities that can be exploited to compromise affected systems. These flaws affect BLU-IC2 and BLU-IC4 devices up to version 1.19.5, potentially allowing attackers to gain unauthorized access or execute malicious code.

Technical detail

This vulnerability encompasses multiple known flaws in Busybox 1.31.1 affecting BLU-IC2 and BLU-IC4 devices through version 1.19.5. The impact allows for potential privilege escalation, arbitrary code execution, or information disclosure depending on the specific vulnerability exploited within the Busybox component. Remediation requires updating affected devices to patched versions beyond 1.19.5.

Summary generated and translated by AI from the official description.
Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
Azure Access Technology · BLU-IC2Azure Access Technology · BLU-IC4

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://azure-access.com/security-advisories