216.73.216.75

CVE-2025-10991

· Published 30/09/2025 11:37 · Modified 30/09/2025 14:15

Labels: CVE-2025-10991 2025-09-30CVE-2025-10991CWE-306f23511db-6c3e-4e32-a477-6aa17d310630

Essential information

Published
30/09/2025 11:37
Modified
30/09/2025 14:15
Author
Creator
CVSS
7.0 HIGH (v3) 7.0 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

The attacker may obtain root access by connecting to the UART port and this vulnerability requires the attacker to have the physical access to the device. This issue affects Tapo D230S1 V1.20: before 1.2.2 Build 20250907.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
f23511db-6c3e-4e32-a477-6aa17d310630
NVD
View on NVD

Affected products (CPE)

ProductCPE
tapo / d230s1 cpe:2.3:a:tapo:d230s1:<1.2.2:*:*:*:*:*:*:*

References