CVE-2026-30613
Awaiting Analysis
Awaiting Analysis - Queue
Information Disclosure via UART Debug Interface in AZIOT 1 Node Switch
Vulnerability report for CVE-2026-30613, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-04-06
Last updated on: 2026-07-05
Assigner: MITRE
Description
Description
An information disclosure vulnerability exists in AZIOT 1 Node Smart Switch (16amp)- WiFi/Bluetooth Enabled Software Version: 1.1.9 due to improper access control on the UART debug interface. An attacker with physical access can connect to the UART interface and obtain sensitive information from the serial console without authentication.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aziot | node_smart_switch | 1.1.9 |
| aziot | 1_node_smart_switch | 1.1.9 |
| tuya | tuyaos | 3.8.31 |
| beken | bk7231 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |