Unrated severityNVD Advisory· Published Dec 10, 2025· Updated Dec 11, 2025
CVE-2025-65295
CVE-2025-65295
Description
Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated cryptographic methods that can be exploited to forge valid signatures, and exposes information through improperly initialized memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Aqara/Aqara Hubdescription
- Range: =4.1.9_0027
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.