Statement on Insecure Local Communication Vulnerabilities in Tapo and Kasa Devices and apps

Security Advisory
Actualizado10-24-2024 09:26:54 AM 15947

TP-Link is aware of reports regarding CVE-2023-38906, CVE-2023-38908, and CVE-2023-38909. User security is our top priority, and to rectify the vulnerabilities, TP-Link has released the new firmware for the affected devices and new version of the Tapo/Kasa app.

Solution

Please update your Tapo/Kasa devices and app to the latest version to ensure optimal security.

How to upgrade the firmware for Tapo/Kasa devices:

https://www.tp-link.com/support/faq/2621/

https://www.tp-link.com/support/faq/1256/

How to upgrade the Tapo/Kasa app: Go to the App Store or Play Store, search for TP-Link Tapo or Kasa, and click Update.

Disclaimer

The vulnerabilities will remain if you do not take all the recommended actions. TP-Link cannot bear any responsibility for consequences that could have been avoided by following the recommendations in this statement.

Revision History

2023-08-23 Published Advisory

2023-09-12 Updated Solution

2024-09-10 Updated Solution

¿Es útil esta pregunta frecuente?

Sus comentarios nos ayudan a mejorar este sitio.