CVE-2025-59448
📋 TL;DR
YoSmart YoLink ecosystem uses unencrypted MQTT for internet communication, allowing attackers monitoring network traffic to intercept sensitive data or tamper with device control messages. This affects YoLink Hub 0382, YoLink Mobile Application 1.40.41, and YoLink MQTT Broker. The vendor claims only legacy mobile app logic is vulnerable, not Hub hardware/firmware.
💻 Affected Systems
- YoLink Hub 0382
- YoLink Mobile Application
- YoLink MQTT Broker
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attacker gains full control of smart home devices, manipulates security systems, accesses private data, or causes physical damage through device manipulation.
Likely Case
Attacker intercepts device status, sensor readings, and control commands, potentially enabling unauthorized device operation or data collection.
If Mitigated
With proper network segmentation and monitoring, impact limited to data observation without device compromise.
🎯 Exploit Status
Exploitation requires network traffic interception capability; detailed research published by Bishop Fox.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Mobile app updates after 1.40.41
Vendor Advisory: https://shop.yosmart.com/pages/sa-2025-001
Restart Required: Yes
Instructions:
1. Update YoLink mobile app to latest version. 2. Ensure Hub firmware is current via app. 3. Restart Hub after updates.
🔧 Temporary Workarounds
Network Segmentation
allIsolate YoLink devices on separate VLAN with strict firewall rules.
VPN Tunnel
allRoute YoLink traffic through encrypted VPN tunnel.
🧯 If You Can't Patch
- Disconnect YoLink Hub from internet and use local-only functionality
- Replace vulnerable YoLink devices with alternative secure products
🔍 How to Verify
Check if Vulnerable:
Check mobile app version in settings; versions ≤1.40.41 are vulnerable. Monitor MQTT traffic for unencrypted communication on port 1883.Check Version:
In YoLink app: Settings → About → VersionVerify Fix Applied:
Verify mobile app version >1.40.41 and confirm MQTT traffic is encrypted via packet capture.📡 Detection & Monitoring
Log Indicators:
- Unusual MQTT connection patterns
- Failed authentication attempts to MQTT broker
Network Indicators:
- Unencrypted MQTT traffic on port 1883 to/from YoLink devices
- Suspicious external IPs connecting to MQTT broker
SIEM Query:
destination_port:1883 AND protocol:MQTT AND NOT tls_encrypted:true