Dreame Technology iOS and Android Mobile Applications

Source: All CISA Advisories | Added:

Dreame Technology's mobile applications, including Dreamehome and MOVAhome, have a vulnerability related to improper certificate validation, which could lead to unauthorized information disclosure through man-in-the-middle attacks. This issue affects specific versions of the iOS and Android apps and has been assigned CVE-2025-8393.

---

Impact: Dreamehome iOS app, Dreamehome Android app, MOVAhome iOS app

In the Wild: No

Age: Newly disclosed

Remediation: Minimize network exposure for all control system devices, use secure remote access methods like VPNs, and perform proper impact analysis and risk assessment.

Read Full Original Article →