CVE-2025-53649_CVE-2025-53649

5.9 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs.

Basic Information

ID CVE-2025-53649

Source jpcert

Published Jul 29, 2025 at 04:41

Modified Jul 29, 2025 at 13:58

Affected Product

Vendor SwitchBot

Product SwitchBot App for iOS/Android

Version V6.24 through V9.12

Affected Versions SwitchBot SwitchBot App for iOS/Android V6.24 through V9.12

CWE Classification

CWE-532

References

{
    "lastseen": "",
    "description": "\"SwitchBot\" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs.",
    "published": "2025-07-29T04:41:35.880Z",
    "modified": "2025-07-29T13:58:10.661Z",
    "type": "cve",
    "title": "CVE-2025-53649",
    "source": "jpcert",
    "references": "https://www.switchbot.jp/pages/switchbot-app-vulnerability-fix202507\nhttps://jvn.jp/en/jp/JVN59585716/",
    "id": "CVE-2025-53649",
    "bulletinFamily": "",
    "cwe": [
        "CWE-532"
    ],
    "cvelist": null,
    "sourceData": "SwitchBot SwitchBot App for iOS/Android V6.24 through V9.12",
    "sourceHref": "",
    "cvss": {
        "score": 5.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SwitchBot App for iOS/Android",
    "version": "V6.24 through V9.12",
    "vendor": "SwitchBot",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}