CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

Posted on By CWS

Sep 03, 2025Ravie LakshmananVulnerability / Cell Safety
The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Tuesday added a high-severity safety flaw impacting TP-Hyperlink TL-WA855RE Wi-Fi Ranger Extender merchandise to its Recognized Exploited Vulnerabilities (KEV) catalog, citing proof of lively exploitation.
The vulnerability, CVE-2020-24363 (CVSS rating: 8.8), issues a case of lacking authentication that could possibly be abused to acquire elevated entry to the vulnerable system.
“This vulnerability may permit an unauthenticated attacker (on the identical community) to submit a TDDP_RESET POST request for a manufacturing facility reset and reboot,” the company stated. “The attacker can then acquire incorrect entry management by setting a brand new administrative password.”
In response to malwrforensics, the problem has been mounted with firmware model TL-WA855RE(EU)_V5_200731. Nonetheless, it bears noting that the product has reached end-of-life (EoL) standing, that means it is unlikely to obtain any patches or updates. Customers of the Wi-Fi vary extender are suggested to exchange their gear with a more moderen mannequin that addresses the problem.

CISA has not shared any particulars on how the vulnerability is being exploited within the wild, by whom, or on the size of such assaults.
Additionally added to the KEV catalog is a safety flaw that WhatsApp disclosed final week (CVE-2025-55177, CVSS rating: 5.4) as having been exploited as a part of a highly-targeted spy ware marketing campaign by chaining it with an Apple iOS, iPadOS, and macOS vulnerability (CVE-2025-43300, CVSS rating: 8.8).
Not a lot is understood about who was focused and which industrial spy ware vendor is behind the assaults, however WhatsApp informed The Hacker Information that it despatched in-app menace notifications to lower than 200 customers who might have been focused as a part of the marketing campaign.
Federal Civilian Government Department (FCEB) businesses are suggested to use the required mitigations by September 23, 2025, for each the vulnerabilities to counter lively threats.

The Hacker News Tags:, , , , , , , ,

Related Posts

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands The Hacker News
Ex-Google Engineers Charged with Trade Secret Theft to Iran Ex-Google Engineers Charged with Trade Secret Theft to Iran The Hacker News
Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks The Hacker News
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now The Hacker News
Critical Cisco SD-WAN Vulnerability Exploited Since 2023 Critical Cisco SD-WAN Vulnerability Exploited Since 2023 The Hacker News
Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot The Hacker News