CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.3%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/Chapoly1305/myCVEReports/blob/main/Aqara/Unauthorized-Data-Upload.md

Products affected by CVE-2025-65297

Aqara » Camera Hub G3 » Version: N/A

cpe:2.3:h:aqara:camera_hub_g3:-
Aqara » Hub M2 » Version: N/A

cpe:2.3:h:aqara:hub_m2:-
Aqara » Hub M3 » Version: N/A

cpe:2.3:h:aqara:hub_m3:-
Aqara » Camera Hub G3 Firmware » Version: 4.1.9_0027

cpe:2.3:o:aqara:camera_hub_g3_firmware:4.1.9_0027
Aqara » Hub M2 Firmware » Version: 4.3.6_0027

cpe:2.3:o:aqara:hub_m2_firmware:4.3.6_0027
Aqara » Hub M3 Firmware » Version: 4.3.6_0025

cpe:2.3:o:aqara:hub_m3_firmware:4.3.6_0025

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-65297

Products

Pricing

Contact Us