CVE-2025-57602 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH private key, allows remo…
Critical CVSS: 9.8

CVE-2025-57602

Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH private key, allows remote attackers to authenticate to the cloud controller, gain interactive shell access, and pivot into other connected IoT devices. This can lead to remote code execution, information disclosure, and privilege escalation across customer environments.
Vendor
-
Product
-
CWE
CWE-798
Yayın Tarihi
2025-09-22 16:15:45
Güncelleme
2025-09-23 19:15:40
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-798 CRITICAL 2025

Referanslar

https://github.com/Shubhangborkar/aikaan-vulnerabilities/blob/main/cve2-proxyuser-shell.md https://github.com/Shubhangborkar/aikaan-vulnerabilities/blob/main/cve2-proxyuser-shell.md