VYPR
High severity8.8NVD Advisory· Published Sep 22, 2025· Updated Apr 15, 2026

CVE-2025-57605

CVE-2025-57605

Description

Lack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their privileges by assigning themselves as admins of other departments. This results in unauthorized privilege escalation across the department

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.