CVE-2025-65290: n/a
Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server certificates during HTTPS firmware downloads, allowing man-in-the-middle attackers to intercept firmware update traffic and potentially serve modified firmware files.
AI Analysis
Technical Summary
CVE-2025-65290 is a vulnerability identified in several Aqara Hub devices, specifically the Camera Hub G3 version 4.1.9_0027, Hub M2 version 4.3.6_0027, and Hub M3 version 4.3.6_0025. The core issue is the failure of these devices to properly validate server certificates during HTTPS firmware download processes. This certificate validation flaw (classified under CWE-295) allows an attacker positioned as a man-in-the-middle (MitM) to intercept the firmware update traffic. Because the devices do not verify the authenticity of the server certificate, the attacker can present a forged certificate and deliver malicious firmware updates. Such tampered firmware could compromise the device’s confidentiality and integrity, potentially allowing attackers to execute arbitrary code, exfiltrate data, or disrupt device functionality. The CVSS v3.1 base score is 7.4, indicating high severity, with attack vector network (AV:N), high attack complexity (AC:H), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality and integrity (C:H/I:H/A:N). No known exploits have been reported in the wild yet, but the vulnerability poses a significant risk due to the critical role of firmware integrity in IoT device security. The affected devices are commonly used in smart home and building automation environments, where compromised hubs could serve as entry points for broader network attacks or surveillance.
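The CWE-295 pattern described above, shown as the weak client configuration beside a hardened one. This is an added illustration written for this page, not Aqara's firmware code; the update host, URL and image bytes are constructed placeholders. The hardened client requires a certificate that chains to a trusted CA and matches the hostname, and additionally checks the downloaded image against a manifest digest, so a swapped file is rejected on its own merits as well:

```python
import hashlib
import hmac
import ssl
import urllib.request
from typing import Optional

# Constructed values for this example; not the vendor's real update server or image.
FIRMWARE_HOST = "firmware.example.invalid"
FIRMWARE_URL = f"https://{FIRMWARE_HOST}/hub/image.bin"


def weak_tls_context() -> ssl.SSLContext:
    """The flaw the advisory describes (CWE-295): hostname checking and chain
    verification are switched off, so any certificate, including one a
    man-in-the-middle forges, is accepted."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False      # must be cleared before verify_mode is relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_tls_context(ca_bundle_path: Optional[str] = None) -> ssl.SSLContext:
    """The server certificate must chain to a trusted CA and match the hostname.
    Passing a bundle that holds only the vendor's update CA pins the trust
    anchor to that CA; None falls back to the platform trust store."""
    ctx = ssl.create_default_context(cafile=ca_bundle_path)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_validates_server(ctx: ssl.SSLContext) -> bool:
    """True only when the client would reject an unverifiable or misnamed certificate."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def manifest_digest(image: bytes) -> str:
    """Digest as it would appear in the vendor's (signed) update manifest."""
    return hashlib.sha256(image).hexdigest()


def image_digest_matches(image: bytes, expected_sha256_hex: str) -> bool:
    """Transport-independent check: the image must match the manifest digest,
    so a modified file is rejected even if the TLS layer were defeated."""
    return hmac.compare_digest(manifest_digest(image), expected_sha256_hex.lower())


def download_firmware(url: str, expected_sha256_hex: str, ctx: ssl.SSLContext) -> bytes:
    """Fetch an image over TLS and accept it only if both checks pass.
    Refuses outright when handed a context that skips certificate validation."""
    if not context_validates_server(ctx):
        raise ValueError("refusing to download firmware without certificate validation")
    with urllib.request.urlopen(url, context=ctx, timeout=30) as resp:
        image = resp.read()
    if not image_digest_matches(image, expected_sha256_hex):
        raise ValueError("firmware image digest does not match manifest")
    return image
```

The two checks are deliberately independent: certificate validation stops an interposed server from speaking to the device at all, while the manifest digest (which in practice would come from a separately signed manifest) catches a tampered image regardless of how it arrived.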
Potential Impact
For European organizations, this vulnerability threatens the security of IoT ecosystems relying on Aqara Hub devices. Compromised firmware could lead to unauthorized access to sensitive data, manipulation of device behavior, and potential pivoting to internal networks. This is particularly concerning for enterprises and smart buildings using these hubs for security cameras and automation controls. The confidentiality and integrity of data transmitted through these devices could be undermined, risking privacy violations and operational disruptions. Given the increasing adoption of smart home and IoT technologies in Europe, especially in countries with strong smart city initiatives and advanced building automation, the impact could extend beyond individual devices to critical infrastructure. Additionally, the lack of authentication and user interaction requirements lowers the barrier for attackers, increasing the likelihood of exploitation in environments where network security is insufficient.
Mitigation Recommendations
1. Immediately segment Aqara Hub devices on isolated network segments with strict firewall rules to limit exposure to untrusted networks.
2. Monitor network traffic for unusual patterns during firmware update windows, including unexpected TLS certificate anomalies or connections to unrecognized servers.
3. Disable automatic firmware updates if possible until a vendor patch is released.
4. Engage with Aqara or the device vendor to obtain security patches or firmware updates that properly validate server certificates.
5. Employ network-level TLS interception detection tools to identify MitM attempts.
6. For organizations deploying these devices at scale, implement device inventory and vulnerability management to track affected versions and ensure timely remediation.
7. Educate IT and security teams about the risks of firmware tampering and the importance of verifying update authenticity.
8. Consider deploying network intrusion detection/prevention systems (IDS/IPS) with IoT-specific signatures to detect exploitation attempts.
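Recommendations 2 and 5 above rely on seeing certificate anomalies from the network, because a hub with this flaw will not abort the connection itself. The following is an added example (not part of the advisory, and not a vendor or OffSeq tool) of that detection logic run over constructed log lines: it compares every TLS session to the hypothetical update host against a recorded known-good issuer and leaf fingerprint, and also flags sessions whose chain failed validation at the sensor. The field names are loosely modelled on a Zeek ssl.log exported as JSON; the host, baseline values and records are invented:

```python
import json
from typing import Dict, List

FIRMWARE_HOST = "firmware.example.invalid"          # hypothetical update host
BASELINE = {                                        # constructed known-good values, recorded
    "issuer": "CN=Vendor Update CA,O=Example Vendor", # from an update observed on a trusted network
    "cert_fp_sha256": "aa" * 32,
}

# Constructed JSON-lines log: one good update session, one interposed session
# presenting a self-signed certificate, one unrelated host, and one session
# whose leaf certificate differs from the baseline under the expected issuer.
SAMPLE_SSL_LOG = "\n".join([
    json.dumps({"ts": "2025-12-10T21:00:01Z", "id.orig_h": "10.20.0.15", "id.resp_h": "203.0.113.10",
                "server_name": FIRMWARE_HOST, "issuer": BASELINE["issuer"],
                "cert_fp_sha256": BASELINE["cert_fp_sha256"], "validation_status": "ok"}),
    json.dumps({"ts": "2025-12-10T21:00:07Z", "id.orig_h": "10.20.0.15", "id.resp_h": "10.20.0.99",
                "server_name": FIRMWARE_HOST, "issuer": "CN=" + FIRMWARE_HOST,
                "cert_fp_sha256": "bb" * 32, "validation_status": "self signed certificate"}),
    json.dumps({"ts": "2025-12-10T21:00:09Z", "id.orig_h": "10.20.0.15", "id.resp_h": "203.0.113.53",
                "server_name": "time.example.invalid", "issuer": "CN=Other CA",
                "cert_fp_sha256": "dd" * 32, "validation_status": "ok"}),
    json.dumps({"ts": "2025-12-10T21:05:30Z", "id.orig_h": "10.20.0.16", "id.resp_h": "203.0.113.10",
                "server_name": FIRMWARE_HOST, "issuer": BASELINE["issuer"],
                "cert_fp_sha256": "cc" * 32, "validation_status": "ok"}),
])


def find_cert_anomalies(log_text: str, host: str = FIRMWARE_HOST,
                        baseline: Dict[str, str] = BASELINE) -> List[Dict[str, object]]:
    """Return one alert per TLS session to `host` whose certificate deviates
    from the baseline or failed chain validation at the sensor."""
    alerts: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        if rec.get("server_name") != host:
            continue                      # only firmware-download sessions are baselined
        reasons = []
        if rec.get("validation_status") != "ok":
            reasons.append("chain validation failed: " + str(rec.get("validation_status")))
        if rec.get("issuer") != baseline["issuer"]:
            reasons.append("issuer differs from baseline")
        if rec.get("cert_fp_sha256") != baseline["cert_fp_sha256"]:
            reasons.append("leaf fingerprint differs from baseline")
        if reasons:
            alerts.append({"ts": rec["ts"], "client": rec.get("id.orig_h"),
                           "server": rec.get("id.resp_h"), "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in find_cert_anomalies(SAMPLE_SSL_LOG):
        print(alert["ts"], alert["client"], "->", alert["server"], "; ".join(alert["reasons"]))
```

The fingerprint rule also fires on a legitimate certificate rotation; an alert that carries only the fingerprint reason, with the expected issuer and a clean validation status, is the cue to confirm the new certificate out of band and refresh the baseline, whereas a self-signed issuer on a local address during an update window is the interception case the advisory warns about.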
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Denmark, Finland, Belgium, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-11-18T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 6939e5605ab76fdc5f2656ef
Added to database: 12/10/2025, 9:25:52 PM
Last enriched: 12/17/2025, 11:08:10 PM
Last updated: 2/5/2026, 5:49:28 AM