CVE-2025-6521
During the initial setup of the device the user connects to an access
point broadcast by the Sight Bulb Pro. During the negotiation, AES
Encryption keys are passed in cleartext. If captured, an attacker may be
able to decrypt communications between the management app and the Sight
Bulb Pro which may include sensitive information such as network
credentials.
point broadcast by the Sight Bulb Pro. During the negotiation, AES
Encryption keys are passed in cleartext. If captured, an attacker may be
able to decrypt communications between the management app and the Sight
Bulb Pro which may include sensitive information such as network
credentials.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-06-27 17:15:35
Güncelleme
2025-06-30 18:38:23
Source Identifier
ics-cert@hq.dhs.gov
KEV Date Added
-