PT-2025-42392 · Azure Access Technology · Blu-Ic2+1

Alexi Bitsios

Published

2025-10-15

Updated

2025-10-16

CVE-2025-11832

CVSS v4.0

Critical

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions Azure Access Technology BLU-IC2 versions through 1.19.5 Azure Access Technology BLU-IC4 versions through 1.19.5

Description A flaw exists in Azure Access Technology BLU-IC2 and BLU-IC4 related to the allocation of resources without limits or throttling, enabling flooding attacks. The issue stems from unthrottled API endpoints which permit resource exhaustion.

Recommendations Update Azure Access Technology BLU-IC2 to a version later than 1.19.5. Update Azure Access Technology BLU-IC4 to a version later than 1.19.5.

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2025-11832

Affected Products

Blu-Ic2

Blu-Ic4

PT-2025-42392 · Azure Access Technology · Blu-Ic2+1

CVE-2025-11832

Weakness Enumeration

Related Identifiers

Affected Products

References · 7