CVE-2026-28521 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuya…
High CVSS: 7.0

CVE-2026-28521

arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuya cloud service can issue malicious DP event data to victim devices, causing out-of-bounds memory access that may result in information disclosure or a denial-of-service condition.
Vendor
Tuya
Product
Arduino-tuyaopen
CWE
CWE-125
Yayın Tarihi
2026-03-16 14:19:28
Güncelleme
2026-03-17 20:24:33
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-125 Arduino-tuyaopen HIGH Tuya 2026

Referanslar

https://github.com/tuya/arduino-TuyaOpen https://src.tuya.com/announcement/32 https://www.vulncheck.com/advisories/arduino-tuyaopen-tuyaiot-out-of-bounds-memory-read-information-disclosure