Primary

Context

Azure Access BLU-IC2 and BLU-IC4 SDKSocket Secret Sharing Vulnerability

Vulnerability

A vulnerability exists in the BLU-IC2 and BLU-IC4 devices, both through version 1.19.5, due to multiple devices sharing the same secrets for SDKSocket over TCP port 5000. This could potentially lead to unauthorized access or manipulation of data between devices.

Impact

Exploitation of this vulnerability could allow for unauthorized access to shared secrets between devices, potentially leading to further exploitation of the SDKSocket communication.

Remediation

Users are advised to update to the latest supported version of the firmware. Instructions for updating can be found on the Azure Access website.

Added: Nov 1, 2025, 7:18 PM

Updated: Nov 1, 2025, 7:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Azure Access BLU-IC2 and BLU-IC4 SDKSocket Secret Sharing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating