CVE-2025-64983

8.0 HIGH

📋 TL;DR

SwitchBot Video Doorbell devices running firmware before 2.01.078 ship with leftover debug code that leaves a Telnet service enabled. Anyone who can reach TCP port 23 on the device can connect and gain unauthorized access. Every device on earlier firmware is affected.

💻 Affected Systems

Products:
  • SwitchBot Video Doorbell
Versions: All versions prior to 2.01.078
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices with default configurations are vulnerable. No special configuration required for exploitation.

⚠️ Manual Verification Required

The NVD entry for this CVE carries no CPE version range, so automated scanners that key on NVD data cannot tell whether a given device is affected.

Why? The database entry does not specify vulnerable versions (no version ranges from the vendor or NVD). The vendor advisory does name the fixed build, 2.01.078, so the check has to be done by hand: read the firmware version in the SwitchBot app and compare it with 2.01.078.

Recommended Actions:
  1. Read the vendor advisory (JVN67185535) and the NVD entry for CVE-2025-64983
  2. Check the firmware version in the SwitchBot app against the fixed build 2.01.078
  3. From a host on the same network, test whether TCP port 23 on the device accepts a connection (see How to Verify)
  4. Update to 2.01.078 or later; until then, apply the workarounds below

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise: an attacker with a shell on the doorbell can disable its security features, watch the video feed, alter device behaviour, or use the device as a foothold to reach other hosts on the internal network.

🟠 Likely Case

Unauthorized access to the device, allowing surveillance through it, disabling of doorbell functions, or installation of persistent malware.

🟢 If Mitigated

Low impact if the device sits on an isolated segment with no inbound access from the internet or from other internal hosts; anyone already on that segment can still reach port 23.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: No
Weaponized: LIKELY (no public PoC is known, but an open Telnet service needs no custom tooling)
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation needs only a Telnet client and network reachability to TCP port 23 on the device. No authentication is required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.01.078

Vendor Advisory: https://jvn.jp/en/jp/JVN67185535

Restart Required: Yes

Instructions:

1. Open the SwitchBot app.
2. Navigate to the device settings.
3. Check for firmware updates.
4. Install firmware version 2.01.078 or later.
5. The device restarts automatically.

🔧 Temporary Workarounds

Block Telnet Port (Linux gateway or firewall)

The rule has to live on a firewall the traffic crosses; there is no way to add one on the doorbell itself, and a rule in the INPUT chain protects only the firewall host, not devices behind it. On a Linux router or firewall that sits between other segments and the doorbell, drop forwarded Telnet traffic to the device address. Insert it at the top of the chain so an earlier blanket ACCEPT cannot short-circuit it (replace the placeholder with the device's IP):

iptables -I FORWARD 1 -d <doorbell-ip> -p tcp --dport 23 -j DROP

This does not stop hosts on the same L2 segment as the doorbell, which never traverse the firewall.

Network Segmentation (all platforms)

Put the doorbell on its own IoT VLAN. Deny inbound connections from other VLANs, allow only the outbound flows the device needs (the vendor cloud, DNS, NTP), and, where the access point supports it, enable client isolation so other devices on the same VLAN cannot reach port 23 either.

🧯 If You Can't Patch

  • Keep the device off the internet (no port forwarding to it) and on an isolated network segment
  • Apply strict firewall rules that block all inbound connections to the device from other segments

🔍 How to Verify

Check if Vulnerable:

From a host on the same network, attempt a Telnet connection to the device IP on TCP port 23. If the connection is accepted, the debug Telnet service is running and the device is vulnerable.

Check Version:

Check firmware version in SwitchBot app device settings

Verify Fix Applied:

After the update, repeat the connection attempt. It should be refused or time out.
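The two checks above, as a script. This is an added example, not code from the advisory or from SwitchBot: it reports whether TCP port 23 on a target accepts a connection and whether the peer sends Telnet option negotiation (IAC bytes) or a login banner, and it never submits credentials. The loopback "fake telnetd" and its greeting are constructed so the script can be exercised without a real doorbell.

```python
"""Probe a host for an exposed Telnet service (added example, not vendor code)."""
import socket
import threading
from dataclasses import dataclass

IAC = 0xFF  # Telnet "Interpret As Command" byte that starts option negotiation


@dataclass
class ProbeResult:
    host: str
    port: int
    state: str                        # "open", "refused", "timeout" or "error"
    banner: bytes = b""               # first bytes the service sent, if any
    telnet_negotiation: bool = False  # True if an IAC sequence was seen


def probe_telnet(host: str, port: int = 23, timeout: float = 3.0) -> ProbeResult:
    """Connect to host:port and read up to 256 bytes of greeting."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.settimeout(timeout)
            banner = b""
            while len(banner) < 256:
                try:
                    chunk = sock.recv(256 - len(banner))
                except socket.timeout:
                    break  # silent service: the connection is still open
                if not chunk:
                    break  # peer closed after its greeting
                banner += chunk
            return ProbeResult(host, port, "open", banner, IAC in banner)
    except ConnectionRefusedError:
        return ProbeResult(host, port, "refused")
    except socket.timeout:
        return ProbeResult(host, port, "timeout")
    except OSError as exc:
        return ProbeResult(host, port, "error", str(exc).encode())


def is_vulnerable(result: ProbeResult) -> bool:
    """Per the advisory, an accepted connection on port 23 means the debug service is up."""
    return result.state == "open"


# --- helpers for offline self-testing (constructed stand-ins, not a real doorbell) ---

def start_fake_telnet(banner: bytes = b"\xff\xfd\x18\xff\xfd\x20login: ") -> int:
    """Start a loopback listener that imitates a telnetd greeting; return its port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve() -> None:
        while True:
            conn, _ = srv.accept()
            with conn:
                conn.sendall(banner)  # IAC DO TERMINAL-TYPE, IAC DO TERMINAL-SPEED, prompt

    threading.Thread(target=serve, daemon=True).start()
    return port


def free_loopback_port() -> int:
    """Return a loopback port with nothing listening (bound, then released)."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    res = probe_telnet(target)
    print(f"{res.host}:{res.port} {res.state} telnet={res.telnet_negotiation} "
          f"banner={res.banner[:40]!r}")
    print("VULNERABLE: Telnet reachable" if is_vulnerable(res) else "port 23 not reachable")
```

Run it as `python probe.py <doorbell-ip>` before and after the firmware update; a "refused" or "timeout" result after the update is the expected outcome. The banner and negotiation flag are informational only: the advisory's criterion is the accepted connection, so `is_vulnerable` keys on that alone.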

📡 Detection & Monitoring

Log Indicators:

  • Telnet connection attempts to device IP
  • Unexpected device reboots or configuration changes

Network Indicators:

  • Telnet traffic (port 23) to doorbell devices
  • Unusual outbound connections from doorbell

SIEM Query:

Inbound Telnet attempts target the doorbell, so the device address belongs in the destination field (field names are illustrative; adapt them to your schema):

dest_ip="doorbell_ip" AND dest_port=23 AND protocol="TCP"
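The same detection logic run over log records, so it can be checked offline before being turned into a SIEM rule. This is an added example, not code from the advisory: the flow-record format, the doorbell address and the allowlist of expected outbound ports are assumptions made for the demonstration, and the sample records are constructed. It flags TCP connections to port 23 on the doorbell (the corrected query above) and any outbound flow from the doorbell to a port outside the allowlist (the "unusual outbound" indicator).

```python
"""Flag Telnet attempts against a doorbell and unexpected outbound flows from it (added example)."""
from dataclasses import dataclass
from typing import Iterable, List, Set, Tuple

# Constructed sample flow log: "<timestamp> <src_ip> <src_port> <dst_ip> <dst_port> <proto>"
SAMPLE_FLOWS = """
# blank lines and comments are ignored
2025-11-20T10:01:02Z 192.168.10.7 51234 192.168.20.15 23 tcp
2025-11-20T10:01:05Z 192.168.20.15 40001 203.0.113.10 443 tcp
2025-11-20T10:01:09Z 192.168.20.15 40002 192.168.10.50 445 tcp
2025-11-20T10:01:11Z 192.168.10.7 51235 192.168.20.15 23 udp
2025-11-20T10:01:15Z 192.168.10.7 51236 192.168.10.8 23 tcp
2025-11-20T10:01:20Z 192.168.20.15 40003 192.168.10.1 53 udp
""".strip().splitlines()

DOORBELL_IPS: Set[str] = {"192.168.20.15"}         # assumed address of the doorbell
EXPECTED_OUTBOUND_PORTS: Set[int] = {53, 123, 443}  # assumed: DNS, NTP, vendor cloud over TLS


@dataclass(frozen=True)
class Flow:
    ts: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str


def parse_flow(line: str) -> Flow:
    """Parse one whitespace-separated flow record; raise on malformed input."""
    fields = line.split()
    if len(fields) != 6:
        raise ValueError(f"malformed flow record: {line!r}")
    ts, src_ip, src_port, dst_ip, dst_port, proto = fields
    return Flow(ts, src_ip, int(src_port), dst_ip, int(dst_port), proto.lower())


def detect(lines: Iterable[str],
           doorbell_ips: Set[str] = DOORBELL_IPS,
           expected_ports: Set[int] = EXPECTED_OUTBOUND_PORTS) -> List[Tuple[str, Flow]]:
    """Return (alert_type, flow) pairs for the two network indicators."""
    alerts: List[Tuple[str, Flow]] = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        flow = parse_flow(line)
        # Inbound Telnet: dest_ip=doorbell AND dest_port=23 AND protocol=TCP.
        # UDP/23 is deliberately not matched; Telnet is TCP only.
        if flow.dst_ip in doorbell_ips and flow.proto == "tcp" and flow.dst_port == 23:
            alerts.append(("telnet_inbound", flow))
        # Unusual outbound: the doorbell talking to anything but its expected services,
        # e.g. SMB towards another internal host, which suggests a foothold being used.
        elif flow.src_ip in doorbell_ips and flow.dst_port not in expected_ports:
            alerts.append(("unusual_outbound", flow))
    return alerts


if __name__ == "__main__":
    for kind, flow in detect(SAMPLE_FLOWS):
        print(f"{flow.ts} {kind}: {flow.src_ip}:{flow.src_port} -> "
              f"{flow.dst_ip}:{flow.dst_port}/{flow.proto}")
```

Tune the allowlist to what the device actually talks to in your environment (observe it for a few days first); a too-narrow list produces noise, a too-wide one hides the lateral movement the worst case describes.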
