CVE-2025-56557

CRITICAL

Tuya Smart Life App <5.6.1 - Privilege Escalation

Title source: llm
STIX 2.1

Description

An issue discovered in the Tuya Smart Life App 5.6.1 allows attackers to unprivileged control Matter devices via the Matter protocol.

References (2)

Scores

CVSS v3 9.1
EPSS 0.0004
EPSS Percentile 13.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-250
Status published
Products (1)
tuya/tuya 5.6.1
Published Sep 16, 2025
Tracked Since Feb 18, 2026