CVE-2025-4692 – ABUP Cloud Update Platform JWT Privilege Escalation Vulnerability

CVE ID : CVE-2025-4692

Published : May 23, 2025, 12:15 a.m. | 1 hour, 1 minute ago

Description : Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access any device managed by the

ABUP Cloud Update Platform.

Severity: 6.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…