CVE-2023-38909 Information

Description

An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function.

Reference

https://arxiv.org/pdf/2308.09019.pdf https://arxiv.org/abs/2308.09019 https://www.scitepress.org/PublicationsDetail.aspx?ID=X/auBv7JrSo=&t=1