{"id":65192,"date":"2025-06-27T23:32:11","date_gmt":"2025-06-27T20:02:11","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-6521-sight-bulb-pro-cleartext-aes-encryption-key-exfiltration\/"},"modified":"2025-06-27T23:32:11","modified_gmt":"2025-06-27T20:02:11","slug":"cve-2025-6521-sight-bulb-pro-cleartext-aes-encryption-key-exfiltration","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-6521-sight-bulb-pro-cleartext-aes-encryption-key-exfiltration\/","title":{"rendered":"CVE-2025-6521 &#8211; Sight Bulb Pro Cleartext AES Encryption Key Exfiltration"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-6521<br \/>\n<br \/>\n<strong>Published : <\/strong> June 27, 2025, 5:15 p.m. | 2\u00a0hours, 43\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>During the initial setup of the device the user connects to an access<br \/>\npoint broadcast by the Sight Bulb Pro. During the negotiation, AES<br \/>\nEncryption keys are passed in cleartext. If captured, an attacker may be<br \/>\n able to decrypt communications between the management app and the Sight<br \/>\n Bulb Pro which may include sensitive information such as network<br \/>\ncredentials.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 7.6 | HIGH<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-6521 Published : June 27, 2025, 5:15 p.m. | 2\u00a0hours, 43\u00a0minutes ago Description : During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-65192","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/65192","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=65192"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/65192\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=65192"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=65192"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=65192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}