Unknown · Abup Cloud Update Platform · CVE-2025-4692
**Name of the Vulnerable Software and Affected Versions**
ABUP Cloud Update Platform (affected versions not specified)
**Description**
The issue allows actors to perform privilege escalation by submitting a maliciously crafted JavaScript object notation (JSON) web token (JWT) to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access any device managed by the platform.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.