Severity by source
CVSS Vector (NVD): CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuya cloud service can issue malicious DP event data to victim devices, causing out-of-bounds memory access that may result in information disclosure or a denial-of-service condition.
Analysis (AI)
CVE-2026-28521 is an out-of-bounds memory read vulnerability in the TuyaIoT component of the arduino-TuyaOpen library in versions prior to 1.2.1, affecting IoT devices that use Tuya's cloud platform. An attacker who compromises or controls the Tuya cloud service can send malformed DP (data point) events to trigger memory disclosure or a denial-of-service condition. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Tuya cloud service compromise or MITM capability required. … |
| Risk Assessment | The risk profile shows conflicting signals: CVSS 7.7 (High) indicates significant impact, but the attack vector is marked as Local (AV:L) even though the description states cloud-based exploitation. … |
| Exploit Scenario | An attacker would first need to compromise Tuya's cloud infrastructure or perform a man-in-the-middle attack on the communication between IoT devices and the Tuya cloud. Once positioned, they could send specially crafted DP event messages containing malformed data that triggers out-of-bounds reads in the device's memory. … |
| Remediation | Upgrade the arduino-TuyaOpen library to version 1.2.1 or later, which contains the fix for this vulnerability. … |
Recommended Action (AI)
Within 24 hours: Inventory all IoT devices and systems using arduino-TuyaOpen library versions prior to 1.2.1. …
Weakness: CWE-125 – Out-of-bounds Read
Technique: Buffer Overflow
Reference: EUVD-2026-12228