azure-access CVE Vulnerabilities & Metrics

Focus on azure-access vulnerabilities and metrics.

Last updated: 16 Jan 2026, 23:25 UTC

About azure-access Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with azure-access. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total azure-access CVEs: 22
Earliest CVE date: 23 Oct 2025, 16:15 UTC
Latest CVE date: 01 Nov 2025, 19:15 UTC

Latest CVE reference: CVE-2025-12601

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 22

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical azure-access CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	22
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS azure-access CVEs

These are the five CVEs with the highest CVSS scores for azure-access, sorted by severity first and recency.

CVE-2025-12601 azure-access Published on 01 Nov 2025, 19:15 UTC (CVSS: 0)
Denial of Service Due to SlowLoris.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVE-2025-12600 azure-access Published on 01 Nov 2025, 19:15 UTC (CVSS: 0)
Web UI Malfunction when setting unexpected locale via API.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVE-2025-12599 azure-access Published on 01 Nov 2025, 19:15 UTC (CVSS: 0)
Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVE-2025-12554 azure-access Published on 31 Oct 2025, 16:15 UTC (CVSS: 0)
Missing Security Headers.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
CVE-2025-12553 azure-access Published on 31 Oct 2025, 16:15 UTC (CVSS: 0)
Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

All CVEs for azure-access

CVE-2025-12601 azure-access vulnerability CVSS: 0 01 Nov 2025, 19:15 UTC

Denial of Service Due to SlowLoris.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12600 azure-access vulnerability CVSS: 0 01 Nov 2025, 19:15 UTC

Web UI Malfunction when setting unexpected locale via API.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12599 azure-access vulnerability CVSS: 0 01 Nov 2025, 19:15 UTC

Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12554 azure-access vulnerability CVSS: 0 31 Oct 2025, 16:15 UTC

Missing Security Headers.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12553 azure-access vulnerability CVSS: 0 31 Oct 2025, 16:15 UTC

Email Server Certificate Verification Disabled.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12552 azure-access vulnerability CVSS: 0 31 Oct 2025, 16:15 UTC

Insufficient Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12517 azure-access vulnerability CVSS: 0 30 Oct 2025, 16:15 UTC

Credits Page not Matching Versions in Use in the FirmwareThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .

CVE-2025-12516 azure-access vulnerability CVSS: 0 30 Oct 2025, 16:15 UTC

Lack of Graceful Error Handling - HTTP 5xx ErrorThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .

CVE-2025-12515 azure-access vulnerability CVSS: 0 30 Oct 2025, 16:15 UTC

Systemic Internal Server Errors - HTTP 500 ResponseThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .

CVE-2025-12365 azure-access vulnerability CVSS: 0 27 Oct 2025, 19:16 UTC

Error Messages Wrapped In HTTP Header.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12364 azure-access vulnerability CVSS: 0 27 Oct 2025, 18:15 UTC

Weak Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12363 azure-access vulnerability CVSS: 0 27 Oct 2025, 18:15 UTC

Email Password Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12285 azure-access vulnerability CVSS: 0 26 Oct 2025, 17:15 UTC

Missing Initial Password Change.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12284 azure-access vulnerability CVSS: 0 26 Oct 2025, 17:15 UTC

Lack of Input Validation in the web UI might lead to potential exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12278 azure-access vulnerability CVSS: 0 26 Oct 2025, 17:15 UTC

Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12220 azure-access vulnerability CVSS: 0 25 Oct 2025, 16:15 UTC

Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12219 azure-access vulnerability CVSS: 0 25 Oct 2025, 16:15 UTC

Vulnerable Components in Azure Access OS.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12218 azure-access vulnerability CVSS: 0 25 Oct 2025, 16:15 UTC

Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12217 azure-access vulnerability CVSS: 0 25 Oct 2025, 16:15 UTC

SNMP Default Community String (public).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12216 azure-access vulnerability CVSS: 0 25 Oct 2025, 16:15 UTC

Malicious / Malformed App can be Installed but not Uninstalled/may lead to unavailability.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12176 azure-access vulnerability CVSS: 0 24 Oct 2025, 16:15 UTC

Undocumented administrative accounts were getting created to facilitate access for applications running on board.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVE-2025-12114 azure-access vulnerability CVSS: 0 23 Oct 2025, 16:15 UTC

Enabled serial console could potentially leak information that might help attacker to find vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.