The vulnerability identified as CVE-2025-64983 affects SwitchBot Smart Video Doorbell devices running firmware versions prior to 2.01.078. The root cause is the presence of active debug code that exposes a Telnet service, which is typically intended for development or troubleshooting purposes but should be disabled or secured in production firmware. This Telnet service allows an attacker with low privileges (PR:L) and network access (AV:A) to connect without requiring user interaction (UI:N). Once connected, the attacker can gain unauthorized access to the device, potentially leading to full compromise of confidentiality, integrity, and availability (C:H/I:H/A:H). The vulnerability does not require local physical access but does require network access, which could be from a local network or potentially from the internet if the device is exposed. The CVSS vector indicates low attack complexity (AC:L), meaning exploitation is straightforward for an attacker with the necessary privileges. Although no known exploits have been reported in the wild, the presence of an open Telnet service is a critical security risk, as Telnet transmits data in plaintext and is a common vector for unauthorized access. The vulnerability is particularly concerning for smart home and building security environments where these doorbells are deployed, as attackers could intercept video feeds, manipulate device functions, or use the compromised device as a pivot point for further network intrusion. The vendor has addressed this issue in firmware version 2.01.078, which disables or secures the debug Telnet service. However, no direct patch links are provided in the source information, so users must obtain updates from official SwitchBot channels. The vulnerability was reserved and published in November 2025 by JPCERT, indicating a recent discovery and disclosure. Given the high CVSS score of 8.0, this vulnerability demands urgent attention from users and administrators of affected devices.

For European organizations, the impact of CVE-2025-64983 can be significant, especially in sectors relying on smart building technologies, physical security, and IoT devices. Unauthorized Telnet access to the SwitchBot Smart Video Doorbell could allow attackers to intercept video streams, compromising privacy and confidentiality. Attackers could also manipulate device settings or disable security features, undermining physical security integrity. Furthermore, compromised devices could be leveraged as entry points for lateral movement within corporate or residential networks, potentially leading to broader network breaches. The availability of the device could be disrupted by attackers, causing denial of service or loss of security monitoring capabilities. Organizations in critical infrastructure, government facilities, or enterprises with smart office deployments are particularly vulnerable to espionage or sabotage. The risk is heightened if devices are accessible from external networks without proper segmentation or firewall protections. Given the widespread adoption of IoT devices in Europe and increasing reliance on smart home and building automation, this vulnerability poses a tangible threat to operational security and privacy.

To mitigate CVE-2025-64983, organizations and users should immediately update SwitchBot Smart Video Doorbell firmware to version 2.01.078 or later, where the debug Telnet service is disabled or secured. If immediate patching is not possible, network administrators should implement strict network segmentation to isolate these devices from critical internal networks and restrict Telnet access using firewall rules or access control lists. Disabling Telnet access entirely at the network perimeter or via device configuration is recommended. Monitoring network traffic for unusual Telnet connections or attempts can help detect exploitation attempts. Organizations should also review device deployment practices to avoid exposing IoT devices directly to the internet. Employing network intrusion detection systems (NIDS) with IoT-specific signatures can enhance detection capabilities. Finally, vendors and integrators should be engaged to ensure secure firmware management and timely updates are applied across all deployed devices.