CVE-2025-65290

HIGH

Aqara Hub M2, M3, and Camera Hub G3 Firmware - Improper Certificate Validation

Title source: llm

Description

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server certificates during HTTPS firmware downloads, allowing man-in-the-middle attackers to intercept firmware update traffic and potentially serve modified firmware files.

References (1)

Core 1

Core References

Exploit, Third Party Advisory

https://github.com/Chapoly1305/myCVEReports/blob/main/Aqara/OTA-Certificate-Validation-Bypass.md

View Exploit ZIP pw:eip

Scores

CVSS v3 7.4

EPSS 0.0016

EPSS Percentile 5.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-295

Status published

Products (3)

aqara/camera_hub_g3_firmware 4.1.9_0027

aqara/hub_m2_firmware 4.3.6_0027

aqara/hub_m3_firmware 4.3.6_0025

Published Dec 10, 2025

Tracked Since Feb 18, 2026