Login Sign Up

CVE-2020-12110

9.8 CRITICAL

📋 TL;DR

This vulnerability affects multiple TP-Link cloud camera models that use a hardcoded encryption key for communication. Attackers can decrypt sensitive data and potentially gain unauthorized access to camera feeds and device control. All users of the specified TP-Link camera models with vulnerable firmware versions are affected.

💻 Affected Systems

Products:
  • TP-Link NC200
  • TP-Link N210
  • TP-Link NC220
  • TP-Link NC230
  • TP-Link NC250
  • TP-Link NC260
  • TP-Link NC450
Versions: NC200: 2.1.9 build 200225, N210: 1.0.9 build 200304, NC220: 1.3.0 build 200304, NC230: 1.3.0 build 200304, NC250: 1.3.0 build 200304, NC260: 1.5.2 build 200304, NC450: 1.5.3 build 200304
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices with default configurations using cloud connectivity are vulnerable. Local-only configurations may reduce exposure.

📦 What is this software?

Nc200 Firmware by Tp Link

View all CVEs affecting Nc200 Firmware →

Nc200 Firmware by Tp Link

View all CVEs affecting Nc200 Firmware →

Nc210 Firmware by Tp Link

View all CVEs affecting Nc210 Firmware →

Nc210 Firmware by Tp Link

View all CVEs affecting Nc210 Firmware →

Nc210 Firmware by Tp Link

View all CVEs affecting Nc210 Firmware →

Nc220 Firmware by Tp Link

View all CVEs affecting Nc220 Firmware →

Nc220 Firmware by Tp Link

View all CVEs affecting Nc220 Firmware →

Nc220 Firmware by Tp Link

View all CVEs affecting Nc220 Firmware →

Nc230 Firmware by Tp Link

View all CVEs affecting Nc230 Firmware →

Nc230 Firmware by Tp Link

View all CVEs affecting Nc230 Firmware →

Nc230 Firmware by Tp Link

View all CVEs affecting Nc230 Firmware →

Nc250 Firmware by Tp Link

View all CVEs affecting Nc250 Firmware →

Nc250 Firmware by Tp Link

View all CVEs affecting Nc250 Firmware →

Nc250 Firmware by Tp Link

View all CVEs affecting Nc250 Firmware →

Nc250 Firmware by Tp Link

View all CVEs affecting Nc250 Firmware →

Nc260 Firmware by Tp Link

View all CVEs affecting Nc260 Firmware →

Nc260 Firmware by Tp Link

View all CVEs affecting Nc260 Firmware →

Nc260 Firmware by Tp Link

View all CVEs affecting Nc260 Firmware →

Nc260 Firmware by Tp Link

View all CVEs affecting Nc260 Firmware →

Nc260 Firmware by Tp Link

View all CVEs affecting Nc260 Firmware →

Nc450 Firmware by Tp Link

View all CVEs affecting Nc450 Firmware →

Nc450 Firmware by Tp Link

View all CVEs affecting Nc450 Firmware →

Nc450 Firmware by Tp Link

View all CVEs affecting Nc450 Firmware →

Nc450 Firmware by Tp Link

View all CVEs affecting Nc450 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of camera systems allowing attackers to view live feeds, manipulate recordings, disable cameras, pivot to internal networks, and maintain persistent access.

🟠

Likely Case

Unauthorized access to camera feeds, potential privacy violations, and ability to disable security monitoring.

🟢

If Mitigated

Limited impact if cameras are isolated on separate VLANs without internet access and proper network segmentation.

🌐 Internet-Facing: HIGH - Cloud-connected cameras with hardcoded keys allow remote attackers to intercept and decrypt communications.
🏢 Internal Only: MEDIUM - Attackers with internal network access could exploit this, but requires network foothold first.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Hardcoded key means attackers only need to intercept encrypted traffic and apply the known key. Public exploit details available in referenced disclosures.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check TP-Link support for latest firmware updates

Vendor Advisory: https://www.tp-link.com/us/support/download/

Restart Required: Yes

Instructions:

1. Visit TP-Link support site for your camera model. 2. Download latest firmware. 3. Log into camera web interface. 4. Navigate to System > Maintenance > Firmware Upgrade. 5. Upload firmware file. 6. Wait for reboot.

🔧 Temporary Workarounds

Network Isolation

all

Place cameras on isolated VLAN without internet access

Disable Cloud Features

all

Turn off cloud connectivity and use local-only access

🧯 If You Can't Patch

  • Disconnect cameras from internet entirely
  • Implement strict firewall rules to block all inbound/outbound camera traffic except from management stations

🔍 How to Verify

Check if Vulnerable:

Check firmware version in camera web interface under System > Status > Firmware Version

Check Version:

Check via web interface or TP-Link Tapo app under device information

Verify Fix Applied:

Verify firmware version is newer than affected versions listed above

📡 Detection & Monitoring

Log Indicators:

  • Unusual authentication attempts
  • Firmware version changes
  • Multiple failed decryption attempts

Network Indicators:

  • Unusual traffic patterns to/from camera IPs
  • Traffic using known hardcoded encryption patterns

SIEM Query:

source_ip IN (camera_ips) AND (event_type="authentication_failure" OR protocol="unknown_encryption")

📊 Metadata

CVE ID: CVE-2020-12110
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-798
Published: May 4, 2020
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-12110, you might also want to check these:

CVE-2025-20188 10.0

This critical vulnerability in Cisco IOS XE Wireless LAN Controllers allows unauthenticated remote a...

Same vulnerability type (CWE-798)
CVE-2026-22769 10.0

Dell RecoverPoint for Virtual Machines versions before 6.0.3.1 HF1 contain hardcoded credentials tha...

Same vulnerability type (CWE-798)
CVE-2021-0248 10.0

This vulnerability involves hard-coded credentials in Juniper Junos OS on NFX Series devices, allowi...

Same vulnerability type (CWE-798)