CVE-2025-59447 | THREATINT

Description

The YoSmart YoLink Smart Hub device 0382 exposes a UART debug interface. An attacker with direct physical access can leverage this interface to read a boot log, which includes network access credentials.

PUBLISHED Reserved 2025-09-16 | Published 2025-10-06 | Updated 2025-10-06 | Assigner mitre

LOW: 2.2CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Problem types

CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Product status

Default status

unknown

0382

affected

References

bishopfox.com/blog/advisories

shop.yosmart.com/pages/product-support

bishopfox.com/...20-smart-device-gave-me-access-to-your-home

cve.org (CVE-2025-59447)

nvd.nist.gov (CVE-2025-59447)

Download JSON