CVE-2025-59447

low-risk

Published 2025-10-06

The YoSmart YoLink Smart Hub device 0382 exposes a UART debug interface. An attacker with direct physical access can leverage this interface to read a boot log, which includes network access credentials.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 2.2/10 Low

PHYSICAL / HIGH complexity

References (3)

https://bishopfox.com/blog/advisories

https://bishopfox.com/blog/how-a-20-smart-device-gave-me-access-to-your-home

https://shop.yosmart.com/pages/product-support

/ 100

low-risk

Severity 6/34 · Minimal

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal