Headline
CISA Adds TP-Link Wi-Fi and WhatsApp Spyware Flaws to KEV List
CISA updates its KEV List with TP-Link Wi-Fi extender and WhatsApp spyware flaws, urging users and agencies to…
CISA updates its KEV List with TP-Link Wi-Fi extender and WhatsApp spyware flaws, urging users and agencies to patch risks before exploitation spreads.
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added two significant security vulnerabilities to its official list of known exploited flaws. For your information, this catalogue is a list of vulnerabilities that have been actively used by malicious actors.
****High-Severity Flaw in TP-Link Extender****
First on the list is a high-severity flaw in a TP-Link Wi-Fi Range Extender, the model TL-WA855RE. This serious issue, tracked as CVE-2020-24363, has a score of 8.8 out of 10. The problem is a “missing authentication” flaw, which means an attacker can get high-level access to the device.
Cybersecurity firm MalwareForensics stated that a fix was issued, which is available here, but please note, this model has reached its “end-of-life” status. This means the manufacturer is no longer providing updates or support, making it an ongoing security risk. Users of this specific range extender are advised to switch to a newer model to ensure their network remains secure.
****WhatsApp Targeted by Spyware****
A second, less severe but still concerning, vulnerability has been found in WhatsApp. This flaw, assigned CVE-2025-55177 with a score of 5.4, was reportedly used in a highly-targeted spyware campaign. The issue stems from “incomplete authorisation” for messages synced with linked devices.
The attackers used this vulnerability in combination with a separate flaw in Apple’s iOS, iPadOS, and macOS operating systems, identified as CVE-2025-43300, as reported by Hackread.com on August 31, 2025.
The vulnerability affected several versions of the application, including WhatsApp for iOS before version 2.25.21.73, WhatsApp Business for iOS before version 2.25.21.78, and WhatsApp for Mac before version 2.25.21.78. WhatsApp announced it sent in-app warnings to under 200 users who may have been specifically targeted by the campaign.
****What To Do****
These vulnerabilities are considered a serious risk to the public and private sectors. While the CISA’s catalogue is primarily a guide for US federal agencies, the agency strongly urges all organisations, and even individual users, to take these risks seriously. The government’s Binding Operational Directive (BOD) 22-01 mandates that federal agencies fix these issues promptly. This includes prioritising and fixing these vulnerabilities to protect against potential cyberattacks.
The inclusion of these flaws in the CISA catalogue prompted reactions from cybersecurity experts, highlighting the broader implications for both businesses and individuals.
Randolph Barr, Chief Information Security Officer at Cequence Security, points out that the TP-Link issue is often tied to home workers. He states that employees “turn to consumer extenders as a cheap and easy way to fix Wi-Fi dead zones,” but these devices often have weak security and are rarely updated. For him, the vulnerability on the KEV list is a reminder that “unmanaged consumer gear can quietly extend your attack surface if not addressed.”
Related news
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, noting that there is evidence of them being exploited in the wild. The vulnerabilities in question are listed below - CVE-2023-50224 (CVSS score: 6.5) - An authentication bypass by spoofing vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain
WhatsApp has patched a vulnerability that was used in conjunction with an Apple vulnerability in zero-click attacks.
WhatsApp has patched a vulnerability that was used in conjunction with an Apple vulnerability in zero-click attacks.
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large
WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The…
WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The…
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the
A list of topics we covered in the week of August 18 to August 24 of 2025
Apple fixes CVE-2025-43300, a flaw letting hackers hijack devices via malicious images. Users urged to update iPhone, iPad,…
Apple has released security updates to patch a zero-day vulnerability tracked as CVE-2025-43300 for all platforms