← Back to home
ICSA-25-219-06  ·  Published 2026-06-02  ·  View on CISA ICS-CERT ↗

Dreame Technology iOS and Android Mobile Applications (Update A)

CVSS 7.3 HIGH

Risk Summary

Successful exploitation of this vulnerability could result in unauthorized information disclosure.

CVEs (1)

Remediations

  • Dreame has updated their mobile app to remove unencrypted communications and implement SSL certificate based secure communication. Users should upgrade to the most current version of the mobile application.
  • Contact Dreame Technology directly for more information. Note that MOVA is a subsidiary of Dreame Technology.

Affected Vendors

Dreame Technology

Affected Products (3)

Dreame Technology · Dreamehome iOS app <=2.3.4
Dreame Technology · Dreamehome Android app <=2.1.8.8
Dreame Technology · MOVAhome iOS app <=1.2.3

Affected Sectors

Communications

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more