TP-Link has rolled out crucial security patches addressing two vulnerabilities in its Kasa EC70 v4 and EC71 v4 smart cameras. Identified as CVE-2026-9770 and CVE-2026-13230, these issues could enable hackers on the same local network to extract sensitive data from affected devices. Users are advised to update their firmware promptly to mitigate these risks.
Critical Vulnerability Details
The more severe of the two vulnerabilities, CVE-2026-9770, involves a hardware cryptographic key disclosure with a CVSS score of 8.6, categorized as high risk. TP-Link reports that a hardcoded cryptographic key is embedded in the camera’s system image, potentially exposing communications between the device and its management interface.
Exploitation of this vulnerability could lead to man-in-the-middle (MitM) attacks, where attackers intercept data traffic or acquire administrative credentials. This exposure allows malicious actors to compromise the confidentiality of the devices’ communication.
Understanding Man-in-the-Middle Attacks
Man-in-the-middle attacks occur when an adversary intercepts communication between a device and its management interface without being detected. This can happen on shared networks, compromised routers, or inadequately segmented office systems.
In the case of TP-Link cameras, attackers utilizing the shared network connection could snoop on or manipulate the communications, exposing sensitive information or altering device operations.
Secondary Vulnerability and Mitigation Steps
The second vulnerability, CVE-2026-13230, centers on the camera’s local discovery response mechanism, assigned a CVSS score of 5.3, considered medium risk. It allows attackers on the same network to exploit the discovery service to access sensitive geolocation data without authentication.
To counteract these vulnerabilities, TP-Link has released firmware updates: version 2.4.0 Build 20260520 and version 2.4.1 Build 20260621. Users should apply these updates via TP-Link’s support portal or the Kasa app, keeping their mobile application current as well.
Until updates are implemented, users can minimize risk by isolating cameras on a separate IoT network, using robust Wi-Fi encryption, and limiting local network access. Ensuring routers have the latest firmware and implementing network segmentation can further protect against potential breaches.
TP-Link emphasizes the urgency of applying these security fixes, warning that devices left unpatched may remain susceptible to attacks. By taking these preventive measures, users can significantly diminish the likelihood of unauthorized access and safeguard their devices.
