CVE-2025-53649

Summary

"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs.

Affected Software

VendorProductVersion RangeStatus
SwitchBotSwitchBot App for iOS/AndroidV6.24 through V9.12affected

Weaknesses

  • CWE-532: Insertion of sensitive information into log file

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References