CNNVD-202510-3978 Information

CNNVD ID

CNNVD-202510-3978

Related CVE

CVE-2025-56558

• CNNVD Published: 2025-10-29

Description (Chinese)

Dyson App是新加坡Dyson公司的一个远程控制智能设备的手机应用。 Dyson App v6.1.23041版本至23595版本存在安全漏洞，该漏洞源于未经验证的攻击者可通过MQTT远程控制其他用户的Dyson IoT设备。

Description (English)

Dyson App is a mobile phone application for a remote control smart device at Dyson Singapore. There is a security loophole in Dyson App v6.1.23041 to 23595, which results from uncertified assailants remote control of Dyson Iot equipment for other users through MQTT.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Dyson

Published

2025-10-29

Last Modified

2026-02-24

References

https://archive.org/details/dyson-acpolicy-bug-report https://www.dyson.com/air-treatment/air-purifier-heaters/pure-hot-cool-hp04 http://dyson.com https://support.dyson.com.au/supporthome/Air-Treatment/Purifier/pure-hot-cool-link/385276-01/troubleshooting/machine-is-not-heating https://www.dyson.co.uk/support/reporting-data-security-issues https://access.redhat.com/security/cve/cve-2025-56558