- CISA added a high-risk vulnerability affecting TP-Link TL-WA855RE Wi-Fi Range Extenders to its Known Exploited Vulnerabilities catalog.
- The security flaw, CVE-2020-24363, can let attackers gain control by resetting the device and setting a new admin password.
- The problem has been fixed in an earlier firmware, but the device has reached end-of-life and will not get future updates.
- A WhatsApp vulnerability (CVE-2025-55177), exploited in a targeted spyware campaign using an Apple OS flaw, was also added to the catalog.
- Federal agencies must apply recommended fixes by September 23, 2025, to protect against ongoing threats.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two actively exploited security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on September 2, 2025. The first flaw impacts the TP-Link TL-WA855RE Wi-Fi Range Extender. The second targets WhatsApp through a highly-targeted spyware attack chaining a related Apple operating system vulnerability.
CISA explained that the TP-Link vulnerability, tracked as CVE-2020-24363 with a CVSS score of 8.8, allows an attacker connected to the same network to send a specially crafted command. This command triggers a device reset, letting attackers set a new admin password and get unauthorized control. Firmware version TL-WA855RE(EU)_V5_200731 fixed the issue, but the product’s end-of-life status means no further patches are expected, according to malwrforensics.
CISA stated: “This vulnerability could allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.” The agency advises users to replace outdated Wi-Fi range extenders to ensure proper security, as continued use increases risk.
The agency also added a WhatsApp vulnerability, CVE-2025-55177. Attackers chained this flaw with an Apple iOS, iPadOS, and macOS issue, CVE-2025-43300, to launch a spyware campaign. WhatsApp reported it notified fewer than 200 users who may have been targeted. Details on the perpetrators, methods, and scale remain undisclosed, but it is suspected a commercial surveillance vendor is behind the attack.
Federal Civilian Executive Branch agencies must apply all required mitigations by September 23, 2025, to reduce their exposure to these ongoing threats. Further details on the vulnerabilities and advisories are available from CISA.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Coinbase to Launch MAG7 Crypto-Equity Index Futures Sept. 22
- Trump Family’s WLFI Token Burns 47M to Slow Price Drop After Launch
- Salesloft Drift Supply Chain Attack Hits 700+ Firms, Data Stolen
- Stablecoin Surge Ties Crypto Liquidity Closer to Fed Policy
- Venus Protocol User Loses $13M in Phishing; Funds Recovered
