High severity8.8NVD Advisory· Published Sep 22, 2025· Updated Apr 15, 2026
CVE-2025-57605
CVE-2025-57605
Description
Lack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their privileges by assigning themselves as admins of other departments. This results in unauthorized privilege escalation across the department
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.