CVSS 10.0 · CRITICAL

CVE-2026-50086

The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trips against the platform's signing key without authentication. This is an instance of "CWE-306: Missing Authentication for Critical Function" and "CWE-327: Use of a Broken or Risky Cryptographic Algorithm," and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (7.5 High).

View on NVD

Analysis

The Aqara IAM/SSO gateway allows AES encryption operations with the platform's signing key to be performed without requiring any authentication. This critical vulnerability allows attackers to remotely compromise the integrity of the identity and access system. It is essential that anyone integrating Aqara services review their authentication implementations immediately.

Relevant roles

Backend, CyberSecurity, Hardware, Cloud

Severity

Score: 10.0 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: CHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-327

EPSS

No EPSS score yet (CVE may be too fresh).

Published: 6/12/2026, 4:16:32 PM
Last modified: 6/12/2026, 5:16:25 PM
