Wednesday, September 3, 2025
Cyber Security

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

by Wire Tech

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain elevated access to the susceptible device.

"This vulnerability could allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot," the agency said. "The attacker can then obtain incorrect access control by setting a new administrative password."

According to malwrforensics, the issue has been fixed with firmware version TL-WA855RE(EU)_V5_200731. However, it bears noting that the product has reached end-of-life (EoL) status, meaning it's unlikely to receive any patches or updates. Users of the Wi-Fi range extender are advised to replace their gear with a newer model that addresses the issue.

Trending
Classic PC game emulation is back on the iPhone with iDOS 3 release

CISA has not shared any details on how the vulnerability is being exploited in the wild, by whom, or on the scale of such attacks.

Also added to the KEV catalog is a security flaw that WhatsApp disclosed last week (CVE-2025-55177, CVSS score: 5.4) as having been exploited as part of a highly-targeted spyware campaign by chaining it with an Apple iOS, iPadOS, and macOS vulnerability (CVE-2025-43300, CVSS score: 8.8).

Not much is known about who was targeted and which commercial spyware vendor is behind the attacks, but WhatsApp told The Hacker News that it sent in-app threat notifications to less than 200 users who may have been targeted as part of the campaign.

Federal Civilian Executive Branch (FCEB) agencies are advised to apply the necessary mitigations by September 23, 2025, for both the vulnerabilities to counter active threats.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

________________________________________________________________________________________________________________________________
Original Article Published at The Hackers News
________________________________________________________________________________________________________________________________

You may also like

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE

Hackers breach fintech firm in attempted $130M bank heist

Shadow AI Discovery: A Critical Part of Enterprise AI Governance

Cloudflare hit by data breach in Salesloft Drift supply chain attack

No, Google did not warn 2.5 billion Gmail users to reset passwords

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.

Unlock the Power of Technology with Tech-Wire: The Ultimate Resource for Computing, Cybersecurity, and Mobile Technology Insights

  • Mumbai, India
  • Email: info@tech-wire.in

Recent Posts

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid...
Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE
Meta Will Enable You to Exclude Terms from AI Copy...

Userful Links

Our Policies

POPULAR CATEGORIES

Copyright @2023 All Right Reserved 

Facebook Twitter Instagram Linkedin Rss
@2021 - All Right Reserved. Designed and Developed by PenciDesign