4 matches found
CVE-2025-6521
During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to decrypt communications between the management app and the Sight Bulb Pro which...
CVE-2025-6521 TrendMakers Sight Bulb Pro Use of a Broken or Risky Cryptographic Algorithm
During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to decrypt communications between the management app and the Sight Bulb Pro which...
CVE-2025-6521
CVE-2025-6521 affects the TrendMakers Sight Bulb Pro. During initial setup, AES keys are passed in cleartext as the device negotiates with an access point, enabling an attacker on an adjacent network to decrypt management app communications and potentially access credentials. The CISA ICS advisor...
CVE-2025-6521
creationtimestamp| type| source ---|---|--- 2025-06-26 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-177-02 2025-06-26 20:04:38+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lsjwd5nqsj2a 2025-06-27 17:56:11+00:00| seen|...