CVE-2025-65296 - Aqara Hub M3 Firmware, Aqara Camera Hub G3 Firmware and Aqara Hub M2 Firmware

Moderate 6.5

NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, and Camera Hub G3 4.1.9_0027 in the JSON processing enable denial-of-service attacks through malformed JSON inputs.

Affected software

Aqara Hub M3 Firmware

Aqara Camera Hub G3 Firmware

Aqara Hub M2 Firmware

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.