HIGH
TrendMakers
CVE published 2025-06-26
CVE-2025-6521
CVE-2025-6521 is a high-severity information disclosure issue in TrendMakers Sight Bulb Pro firmware. During initial setup, the device broadcasts an access point and passes AES encryption keys in cleartext during negotiation, which could let an attacker decrypt communications between the management app and the bulb, including sensitive data such as network credentials.