CVE-2025-1099

Vulnerability Description

This vulnerability exists in Tapo C500 Wi-Fi camera due to hard-coded RSA private key embedded within the device firmware. An attacker with physical access could exploit this vulnerability to obtain cryptographic private keys which can then be used to perform impersonation, data decryption and man in the middle attacks on the targeted device.

Related Weaknesses (CWE)

CWE-321

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0

FAQ

What is CVE-2025-1099?

CVE-2025-1099 is a documented vulnerability. This vulnerability exists in Tapo C500 Wi-Fi camera due to hard-coded RSA private key embedded within the device firmware. An attacker with physical access could exploit this vulnerability to obtain c...

How severe is CVE-2025-1099?

CVSS scoring is not yet available for CVE-2025-1099. Check NVD for updates.

Is there a patch for CVE-2025-1099?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.