Primary

Context

SwitchBot App Sensitive Information Log Insertion Vulnerability

Vulnerability

A vulnerability exists in the SwitchBot App for iOS and Android, specifically in versions V6.24 through V9.12. This vulnerability allows for the insertion of sensitive user information into the application's log files. If exploited, this could expose personal data to an attacker with access to these logs.

Impact

Exploitation of this vulnerability could lead to the unauthorized exposure of sensitive user information contained in the application logs.

Remediation

Users are advised to update the SwitchBot App to version V9.13 or later. The updated version is available on the App Store and Google Play.

Added: Jul 29, 2025, 5:20 AM

Updated: Jul 29, 2025, 5:20 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SwitchBot App Sensitive Information Log Insertion Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating