Statement on Insecure Local Communication Vulnerabilities in Tapo and Kasa Devices and apps
TP-Link is aware of reports regarding CVE-2023-38906, CVE-2023-38908, and CVE-2023-38909. User security is our top priority, and to rectify the vulnerabilities, TP-Link has released the new firmware for the affected devices and new version of the Tapo/Kasa app.
Solution
Please update your Tapo/Kasa devices and app to the latest version to ensure optimal security.
How to upgrade the firmware for Tapo/Kasa devices:
https://www.tp-link.com/support/faq/2621/
https://www.tp-link.com/support/faq/1256/
How to upgrade the Tapo/Kasa app: Go to the App Store or Play Store, search for TP-Link Tapo or Kasa, and click Update.
Disclaimer
The vulnerabilities will remain if you do not take all the recommended actions. TP-Link cannot bear any responsibility for consequences that could have been avoided by following the recommendations in this statement.
Revision History
2023-08-23 Published Advisory
2023-09-12 Updated Solution
2024-09-10 Updated Solution
Byla tato FAQ užitečná?
Vaše zpětná vazba nám pomůže zlepšit naše webové stránky