[Security Vulnerability Alert] CISA adds 7 known vulnerabilities to the KEV catalog (September 1-7, 2025)

 
2025/9/10 ~ 2026/3/10
View Count:62

Forwarded from Taiwan Computer Network Crisis Response and Coordination Center (TWCERTCC-200-202509-00000004)

[Description]
1. [CVE-2020-24363] TP-Link TL-WA855RE Missing Authentication for Critical Function Vulnerability (CVSS v3.1: 8.8)
[Exploited by Ransomware: Unknown] The TP-Link TL-WA855RE has a vulnerability where critical functions do not perform proper authentication. An unauthenticated attacker on the same network as the device could force the device to reset to factory settings and reboot by submitting a TDDP_RESET POST request. An attacker could then set a new administrator password, thereby gaining unauthorized access. The affected product may have reached End of Life (EoL) and/or End of Support (EoS). Users are advised to stop using this product.
[Affected Platforms] TP-Link TL-WA855RE V5 versions prior to 200731

2. [CVE-2025-55177] Meta Platforms WhatsApp Incorrect Authorization Vulnerability (CVSS v3.1: 5.4)
[Exploited by Ransomware: Unknown] Meta Platforms' WhatsApp contains an incorrect authorization vulnerability due to incomplete authorization checks on sync messages between connected devices. This vulnerability could allow an unauthorized user to trigger and process the content of arbitrary URLs on the target device.
[Affected Platforms] Please refer to the official list of affected versions.
https://www.facebook.com/security/advisories/cve-2025-55177

3. [CVE-2023-50224] TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability (CVSS v3.1: 6.5)
[Exploited by Ransomware: Unknown] The TP-Link TL-WR841N has an authentication bypass vulnerability in the httpd service (default listening on TCP port 80), which may lead to the disclosure of stored credential information. The affected product may have reached End of Life (EoL) and/or End of Service (EoS). Users are advised to stop using this product.
[Affected Platforms] TP-Link TL-WR841N V12

4. [CVE-2025-9377] TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability (CVSS v3.1: 7.2)
[Exploited by Ransomware: Unknown] TP-Link Archer C7(EU) and TL-WR841N/ND(MS) have an operating system command injection vulnerability located in the parental control interface. The affected products may have reached End of Life (EoL) and/or End of Support (EoS). Users are advised to stop using these products.
[Affected Platforms]
TP-Link TL-WR841N/ND(MS) V9 versions prior to 241108
TP-Link Archer C7(EU) V2 versions prior to 241108

5. [CVE-2025-38352] Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability (CVSS v3.1: 7.4)
[Exploited by Ransomware: Unknown] A TOCTOU race condition vulnerability exists in the Linux kernel, with a high impact on confidentiality, integrity, and availability.
[Affected Platforms]
Linux kernel versions 2.6.36 to 5.4.295 (excluding)
Linux kernel versions 5.5 to 5.10.239 (excluding)
Linux kernel versions 5.11 to 5.15.186 (excluding)
Linux kernel versions 5.16 to 6.1.142 (excluding)
Linux kernel versions 6.2 to 6.6.94 (excluding)
Linux kernel versions 6.7 to 6.12.34 (excluding)
Linux kernel versions 6.13 to 6.15.3 (excluding)
Linux kernel 6.16

6. [CVE-2025-48543] Android Runtime Use-After-Free Vulnerability (CVSS v3.1: 8.8)
[Exploited by ransomware: Unknown] Android A use-after-free vulnerability in the runtime could lead to a Chrome sandbox escape, potentially leading to local privilege escalation.
[Affected Platforms] Please refer to the official list of affected versions.
https://source.android.com/security/bulletin/2025-09-01

7. [CVE-2025-53690] Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 9.0)
[Exploited by Ransomware: Unknown] Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain an untrusted data deserialization vulnerability related to the use of a default machine key. This vulnerability could allow an attacker to exploit a compromised ASP.NET machine key to achieve remote code execution.
[Affected Platforms] Please refer to the official affected versions listed here.
https://support.sitecore.com/kb

[Affected Platforms]
For details, please refer to the affected platforms in the description section.

[Recommended Actions]
1. [CVE-2020-24363] A fix has been released for this vulnerability. Please update to the relevant version.
https://www.tp-link.com/us/support/download/tl-wa855re/v5/#Firmware

2. [CVE-2025-55177] A fix has been released for this vulnerability. Please update to the relevant version.
https://www.facebook.com/security/advisories/cve-2025-55177

3. [CVE-2023-50224] A fix has been released for this vulnerability. Please update to the relevant version.
https://www.tp-link.com/en/support/download/tl-wr841n/v12/#Firmware

4. [CVE-2025-9377] A fix has been released for this vulnerability. Please update to the relevant version.
https://www.tp-link.com/us/support/faq/4308/

5. [CVE-2025-38352] A fix has been released for this vulnerability. Please update to the relevant version.
https://git.kernel.org/stable/c/2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff
https://git.kernel.org/stable/c/2f3daa04a9328220de46f0d5c919a6c0073a9f0b
https://git.kernel.org/stable/c/460188bc042a3f40f72d34b9f7fc6ee66b0b757b
https://git.kernel.org/stable/c/764a7a5dfda23f69919441f2eac2a83e7db6e5bb
https://git.kernel.org/stable/c/78a4b8e3795b31dae58762bc091bb0f4f74a2200
https://git.kernel.org/stable/c/c076635b3a42771ace7d276de8dc3bc76ee2ba1b
https://git.kernel.org/stable/c/c29d5318708e67ac13c1b6fc1007d179fb65b4d7
https://git.kernel.org/stable/c/f90fff1e152dedf52b932240ebbd670d83330eca

6. [CVE-2025-48543] A fix has been released for this vulnerability. Please update to the relevant version.
https://source.android.com/security/bulletin/2025-09-01

7. [CVE-2025-53690] A fix has been released for this vulnerability. Please update to the relevant version.
https://support.sitecore.com/kb

Files
None
【Back】
Top↑