A critical security flaw was added to CISAβs KEV catalog affecting TP-Link TL-WA855RE Wi-Fi Extenders, with active exploitation reported. A separate vulnerability involving WhatsApp was also noted, linked to a targeted spyware campaign. #CISA #TPLinkVulnerability #WhatsAppSpyware
Keypoints
- The vulnerability CVE-2020-24363 impacts TP-Link TL-WA855RE Wi-Fi extenders and allows unauthorized resets.
- The flaw enables attackers on the same network to reset devices and gain administrative access.
- The affected product is end-of-life and no longer receives firmware updates, increasing risk.
- WhatsApp disclosed a vulnerability, CVE-2025-55177, exploited in a targeted spyware campaign.
- FCEB agencies must implement mitigations for both vulnerabilities by September 23, 2025.
Read More: https://thehackernews.com/2025/09/cisa-adds-tp-link-and-whatsapp-flaws-to.html