PT-2025-31167 · Switchbot · Switchbot App
Published
2025-07-29
·
Updated
2025-07-29
·
CVE-2025-53649
CVSS v3.1
5.1
Medium
| Vector | AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SwitchBot App versions V6.24 through V9.12
Description
The SwitchBot App for iOS/Android contains a flaw that results in sensitive information being written to log files. Exploitation of this issue may allow an attacker with access to application logs to obtain sensitive user data.
Recommendations
Update to a version later than V9.12.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Switchbot App