CVE-2025-63217

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to bypass authentication on Itel DAB MUX devices by reusing a valid JWT token from one device to gain administrative access to any other device running the same firmware. This affects all devices running IDMUX build c041640a, regardless of their individual passwords or network configurations. Attackers can achieve full compromise of affected devices.

💻 Affected Systems

Products:
  • Itel DAB MUX
Versions: IDMUX build c041640a
Operating Systems: Embedded/Linux-based
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running the vulnerable firmware build are affected regardless of individual password settings or network configurations.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of all affected devices across an organization, allowing attackers to manipulate broadcast systems, disrupt services, or use devices as footholds for further network attacks.

🟠 Likely Case

Unauthorized administrative access to DAB MUX devices, enabling configuration changes, service disruption, and potential data interception or manipulation.

🟢 If Mitigated

Limited impact if devices are isolated in segmented networks with strict access controls, though authentication bypass remains possible within the same network segment.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires obtaining a valid JWT token from any vulnerable device first, but once obtained, the bypass is trivial to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.itel.it/

Restart Required: No

Instructions:

Check vendor website for security updates. If available, download and apply firmware update following vendor instructions.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate DAB MUX devices in separate network segments with strict firewall rules limiting access to authorized management systems only.

Access Control Lists

all

Implement network ACLs to restrict management interface access to specific trusted IP addresses only.

🧯 If You Can't Patch

  • Segment affected devices in isolated VLANs with no internet access
  • Implement strict firewall rules allowing only necessary management traffic from authorized IPs

🔍 How to Verify

Check if Vulnerable:

Check the device firmware version via the web interface or SSH. A device running IDMUX build c041640a is vulnerable.

Check Version:

Check via the device web interface or an SSH connection to the device management interface.

Verify Fix Applied:

Verify firmware version has been updated to a version newer than IDMUX build c041640a.

📡 Detection & Monitoring

Log Indicators:

  • Multiple authentication attempts from same token across different devices
  • Administrative access from unexpected IP addresses
  • Configuration changes from unauthorized sources

Network Indicators:

  • Management traffic between DAB MUX devices
  • Authentication requests using same JWT across multiple devices

SIEM Query:

Search for authentication events with same JWT token across multiple device IPs within short timeframes
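One way to implement the correlation described above, as an added example that is not vendor or advisory code: it groups authentication events by a hash of the bearer token and alerts when one token is presented to more than one device inside a time window. The event layout, IP addresses, token strings and the 15-minute window are constructed assumptions; adapt the parsing to whatever your reverse proxy or management gateway actually logs.

```python
import hashlib
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, device IP, client IP, bearer token).
# Field layout and token strings are assumptions, not the device's log format.
SAMPLE_EVENTS = [
    ("2025-01-10T09:00:00", "10.0.5.11", "10.0.9.20", "tokenA.constructed.sig"),
    ("2025-01-10T09:01:30", "10.0.5.11", "10.0.9.20", "tokenA.constructed.sig"),
    ("2025-01-10T09:03:10", "10.0.5.12", "10.0.9.77", "tokenA.constructed.sig"),
    ("2025-01-10T09:04:00", "10.0.5.13", "10.0.9.20", "tokenB.constructed.sig"),
    ("2025-01-10T15:00:00", "10.0.5.12", "10.0.9.20", "tokenC.constructed.sig"),
    ("2025-01-10T23:30:00", "10.0.5.13", "10.0.9.20", "tokenC.constructed.sig"),
]

def token_fingerprint(token: str) -> str:
    """Hash the token so raw credentials never land in alerts."""
    return hashlib.sha256(token.encode()).hexdigest()[:16]

def find_cross_device_tokens(events, window=timedelta(minutes=15)):
    """Return alerts for tokens presented to more than one device within `window`."""
    by_token = defaultdict(list)
    for ts, device, client, token in events:
        by_token[token_fingerprint(token)].append((datetime.fromisoformat(ts), device, client))

    alerts = []
    for fp, hits in by_token.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Shrink the window from the left until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            devices = {h[1] for h in hits[start:end + 1]}
            if len(devices) > 1:
                alerts.append({
                    "token_fp": fp,
                    "devices": sorted(devices),
                    "clients": sorted({h[2] for h in hits[start:end + 1]}),
                    "first_seen": hits[start][0].isoformat(),
                    "last_seen": hits[end][0].isoformat(),
                })
                break  # one alert per token is enough
    return alerts

if __name__ == "__main__":
    for alert in find_cross_device_tokens(SAMPLE_EVENTS):
        print(alert)
```

On the constructed sample, only the first token alerts: the third token also reaches two devices, but hours apart, so widening `window` trades fewer misses for more noise from legitimate long-lived sessions.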
