Critical Authentication Bypass Vulnerability Discovered in Itel DAB MUX (CVE-2025-63217)

Overview

CVE-2025-63217 details a critical authentication bypass vulnerability affecting the Itel DAB MUX (IDMUX build c041640a). This vulnerability allows an attacker to reuse a valid JSON Web Token (JWT) obtained from one device to authenticate and gain administrative access to any other device running the same firmware. This is regardless of individual device passwords or network configurations. Successfully exploiting this vulnerability grants an attacker full compromise of the affected device.

Technical Details

The core issue lies in the improper JWT validation mechanism within the Itel DAB MUX firmware. Specifically, the device fails to properly verify the JWT’s intended audience or any device-specific identifiers. This lack of validation means that a JWT generated for one device is treated as valid for all devices running the same vulnerable firmware. An attacker can intercept a legitimate user’s JWT (e.g., through network sniffing or compromised credentials), and then reuse this token to directly access the administrative interface of another Itel DAB MUX device.

The vulnerable firmware build is identified as c041640a.

CVSS Analysis

Currently, a CVSS score is not available (N/A). However, based on the impact of the vulnerability (full administrative access and potential compromise), it is highly likely that the vulnerability, once scored, will receive a Critical CVSS score.

Possible Impact

The potential impact of CVE-2025-63217 is severe. A successful exploit allows an attacker to:

• Gain complete administrative control over the Itel DAB MUX device.
• Modify device settings, potentially disrupting services.
• Access sensitive data stored on the device (if any).
• Potentially use the device as a pivot point to attack other devices on the network.
• Compromise user privacy by intercepting or manipulating data.

Mitigation and Patch Steps

Currently, there are no officially released patches or workarounds from Itel. Until a patch is available, we strongly recommend the following mitigation steps:

• Isolate Affected Devices: Place the Itel DAB MUX device on a separate, isolated network segment to limit the potential impact of a compromise.
• Monitor Network Traffic: Closely monitor network traffic to and from the device for any suspicious activity.
• Implement Strong Network Security Measures: Ensure strong passwords are used for all network devices and services. Implement network segmentation and firewalls to restrict access to the Itel DAB MUX device.
• Contact Itel Support: Reach out to Itel support (https://www.itel.it/) to inquire about the availability of a patch or firmware update.

We will update this post with new information as it becomes available. Keep checking back for official patches and updates from Itel.

References

• CVE-2025-63217: https://github.com/shiky8/my–cve-vulnerability-research/tree/main/CVE-2025-63217%20_%20Itel%20DAB%20MUX%20Authentication%20Bypass
• Itel Official Website: https://www.itel.it/