Security Advisory

CVE-2025-4692

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-22 23:12:39

Last updated 2025-05-23 13:32:36

Assigner icscert

State PUBLISHED

Description

Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access any device managed by the ABUP Cloud Update Platform.

← Browse all CVEs View on cve.org ↗