← back
CVE-2025-53649

CVE-2025-53649

CVSS 5.9 MEDIUMEPSS 0.1%CWE-532
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs.
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
SwitchBot · SwitchBot App for iOS/Android

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN59585716/https://www.switchbot.jp/pages/switchbot-app-vulnerability-fix202507