Home

Description

An issue discovered in Dyson App v6.1.23041-23595 allows unauthenticated attackers to control other users' Dyson IoT devices remotely via MQTT.

PUBLISHED Reserved 2025-08-17 | Published 2025-10-29 | Updated 2025-10-29 | Assigner mitre

References

dyson.com

archive.org/details/dyson-acpolicy-bug-report

cve.org (CVE-2025-56558)

nvd.nist.gov (CVE-2025-56558)

Download JSON