PatchSiren cyber security CVE debrief
CVE-2026-12760 TP-Link Systems Inc. CVE debrief
CVE-2026-12760 is a denial-of-service (DoS) vulnerability identified in Tapo C200 v3. The vulnerability is caused by improper handling of IPv4 fragmented packets in the network packet handling logic. An unauthenticated adjacent attacker can exploit this vulnerability by sending crafted packets, leading to excessive resource consumption and device instability. Successful exploitation can trigger a temporary denial-of-service condition, causing the camera to become unresponsive and resulting in intermittent loss of video monitoring and recording. The vulnerability has a CVSS score of 7.1 and is classified as HIGH severity.
- Vendor: TP-Link Systems Inc.
- Product: Tapo C200 v3
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-24
- Original CVE updated: 2026-06-29
- Advisory published: 2026-06-24
- Advisory updated: 2026-06-29
Who should care
Organizations using Tapo C200 v3 devices should prioritize patching this vulnerability to prevent potential disruptions to their video monitoring and recording capabilities. Security teams and network administrators responsible for managing and securing IoT devices, particularly those in surveillance and monitoring roles, should be aware of this vulnerability and take immediate action to mitigate the risk.
Technical summary
The vulnerability is caused by improper handling of IPv4 fragmented packets in the network packet handling logic of Tapo C200 v3. An unauthenticated adjacent attacker can send crafted packets to cause excessive resource consumption, leading to device instability. The vulnerability has a CVSS score of 7.1 and is classified as HIGH severity. The CVSS vector is CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Defensive priority
High priority should be given to patching this vulnerability, as it can lead to a temporary denial-of-service condition and disrupt video monitoring and recording capabilities. Security teams should work closely with network administrators to ensure that affected devices are identified and patched promptly.
Recommended defensive actions
- Identify and inventory all Tapo C200 v3 devices within the organization.
- Apply the latest firmware updates provided by the vendor to vulnerable devices.
- Implement network segmentation to limit which hosts can reach the cameras, since the attack requires adjacent network access (AV:A in the CVSS vector).
- Monitor network traffic and device logs for suspicious activity.
- Consider implementing compensating controls, such as rate limiting or traffic filtering, to mitigate the risk of exploitation.
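One way to implement the traffic-monitoring action above, as an added example that is not vendor or PatchSiren code: it parses raw IPv4 headers, recognises fragments (MF flag set or a non-zero fragment offset) and flags any source that sends more than a threshold of fragments to a camera within a sliding window. The camera address, window, threshold and the `build_header` helper that produces sample input are constructed assumptions, not values from the advisory.

```python
import socket
import struct
from collections import defaultdict, deque

CAMERA_IPS = {"192.0.2.50"}  # assumption: address of a Tapo C200 on your LAN
WINDOW_SECONDS = 10.0        # assumption: tune to your own traffic baseline
MAX_FRAGMENTS = 20           # assumption: fragments allowed per source per window


def parse_fragment(packet: bytes):
    """Return (src, dst, offset_bytes, more_fragments) for an IPv4 fragment, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or (packet[0] & 0x0F) < 5:
        return None  # too short, not IPv4, or invalid header length
    flags_offset = struct.unpack("!H", packet[6:8])[0]
    more_fragments = bool(flags_offset & 0x2000)   # MF flag
    offset_bytes = (flags_offset & 0x1FFF) * 8     # offset is in 8-byte units
    if not more_fragments and offset_bytes == 0:
        return None  # unfragmented datagram
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    return src, dst, offset_bytes, more_fragments


def fragment_alerts(timed_packets):
    """Return [(timestamp, src, dst, count)] where a source exceeds MAX_FRAGMENTS."""
    seen = defaultdict(deque)  # (src, dst) -> timestamps of recent fragments
    alerts = []
    for ts, packet in timed_packets:
        frag = parse_fragment(packet)
        if frag is None or frag[1] not in CAMERA_IPS:
            continue
        src, dst = frag[0], frag[1]
        times = seen[(src, dst)]
        times.append(ts)
        while times and ts - times[0] > WINDOW_SECONDS:
            times.popleft()  # drop fragments that fell out of the window
        if len(times) > MAX_FRAGMENTS:
            alerts.append((ts, src, dst, len(times)))
    return alerts


def build_header(src, dst, ident, offset_units, more_fragments):
    """Constructed sample input: a bare 20-byte IPv4 header (checksum left at 0)."""
    flags_offset = (0x2000 if more_fragments else 0) | offset_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, ident, flags_offset,
                       64, 17, 0, socket.inet_aton(src), socket.inet_aton(dst))
```

Feed `fragment_alerts` with `(timestamp, ip_packet_bytes)` pairs taken from a capture on the camera segment, with the link-layer header already removed.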
Evidence notes
The vulnerability is documented in the NVD database and has been analyzed by the CVE.org team. The vendor, TP-Link, has provided release notes and a vendor advisory for this vulnerability. However, the exact scope of affected devices and the completeness of the vendor's advisory are not clear from the available information.
Official resources
- CVE-2026-12760 CVE record: CVE.org
- CVE-2026-12760 NVD detail: NVD
- Source item URL: nvd_modified
- Mitigation or vendor reference: f23511db-6c3e-4e32-a477-6aa17d310630 - Release Notes
- Mitigation or vendor reference: f23511db-6c3e-4e32-a477-6aa17d310630 - Release Notes
- Mitigation or vendor reference: f23511db-6c3e-4e32-a477-6aa17d310630 - Vendor Advisory
This article is AI-assisted and based on the supplied source corpus.