[FD] PlayReady Activation protocol issues (weak auth / fake client identities)
https://seclists.org/fulldisclosure/2025/Aug/3"PlayReady Activation service does not implement real authentication, but
some form of obfuscated identification scheme [...] Arbitrary PlayReady identity can be requested by the client through public API" and more...