CVE-2025-53649

Medium CVSS: 5.9

"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs.

Vendor

Product

CWE

CWE-532

Yayın Tarihi

2025-07-29 05:15:32

Güncelleme

2025-07-29 14:14:29

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-532 MEDIUM 2025

Referanslar

https://jvn.jp/en/jp/JVN59585716/ https://www.switchbot.jp/pages/switchbot-app-vulnerability-fix202507