CVE-2025-63217

CriticalPublic PoC

Published: 18 November 2025

Published

18 November 2025

Modified

15 January 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0014 33.1th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device…

running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.

Mitigating Controls (NIST 800-53 r5)AI

IA-5 Authenticator Management good match

prevent

Requires verification of authenticators such as JWT tokens prior to granting access, directly mitigating improper validation that allows cross-device reuse.

AC-3 Access Enforcement good match

prevent

Enforces approved authorizations in accordance with access control policies, preventing authentication bypass and unauthorized administrative access via flawed JWT checks.

IA-8 Identification and Authentication (Non-organizational Users) good match

prevent

Mandates identification and authentication for non-organizational users, countering the vulnerability that permits remote attackers to gain admin access with reused JWT tokens.

Security SummaryAI

CVE-2025-63217 is an authentication bypass vulnerability (CWE-288) in the Itel DAB MUX (IDMUX build c041640a), published on 2025-11-18. The flaw arises from improper JWT validation, allowing tokens to be shared across devices running the same firmware. It has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with high impact on confidentiality, integrity, and availability.

Any remote attacker can exploit this vulnerability without privileges or user interaction by obtaining a valid JWT token from one affected device and reusing it to authenticate with administrative access on any other device with the same firmware. This works even across devices with different passwords or networks, enabling full compromise of the targeted devices.

Mitigation details and further information are available in the referenced advisories, including vulnerability research at https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63217%20_%20Itel%20DAB%20MUX%20Authentication%20Bypass and the vendor site at https://www.itel.it/.

Details

CWE(s): CWE-288

Affected Products

itel

id mux firmware

all versions

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE enables remote unauthenticated authentication bypass via JWT token reuse on network-accessible devices, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63217%20_%20Itel%20DAB%20MUX%20Authentication%20Bypass
Exploit, Third Party Advisory · cve@mitre.org
https://www.itel.it/
Product · cve@mitre.org