CVE-2025-4975

Summary

When a notification relating to low battery appears for a user with whom the device has been shared, tapping the notification grants full access to the power settings of that device.

Affected Software

VendorProductVersion RangeStatus
TP-Link Systems Inc.TP-Link Tapo app0 < 3.10.513affected

Weaknesses

  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References