CVE-2025-65295

EUVD-2025-202637
Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated cryptographic methods that can be exploited to forge valid signatures, and exposes information through improperly initialized memory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
Affected Products (NVD)
VendorProductVersion
aqarahub_m2_firmware
4.3.6_0027:_0027
aqarahub_m3_firmware
4.3.6_0025:_0025
aqaracamera_hub_g3_firmware
4.1.9_0027:_0027
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Chapoly1305/myCVEReports/blob/main/Aqara/OTA-Firmware-Insecurity.md