MEDIUM
ABUP
CVE published 2025-05-20
CVE-2025-4692
CVE-2025-4692 affects ABUP IoT Cloud Platform and was published by CISA on 2025-05-20. The issue involves a maliciously crafted JSON Web Token (JWT) submitted to a vulnerable cloud-platform method, which could allow privilege escalation and access to devices managed by the cloud update platform. CISA states the vulnerable method has been removed and is no longer accessible, and that users do not need to t [truncated]