[Content]
Forwarded from TWCERTCC-200-202509-00000004

1.【CVE-2020-24363】TP-Link TL-WA855RE Missing Authentication for Critical Function Vulnerability (CVSS v3.1: 8.8)

【Ransomware Exploitation: Unknown】 A vulnerability exists in TP-Link TL-WA855RE where critical functions are not properly authenticated. An unauthenticated attacker on the same network could submit a TDDP_RESET POST request, forcing the device to reset to factory settings and reboot. The attacker could then configure a new administrator password to gain unauthorized access control. The affected product may have reached End of Life (EoL) and/or End of Support (EoS). Users are advised to stop using this product.

【Affected Platform】TP-Link TL-WA855RE V5 versions prior to 200731

2.【CVE-2025-55177】Meta Platforms WhatsApp Incorrect Authorization Vulnerability (CVSS v3.1: 5.4)

【Ransomware Exploitation: Unknown】 WhatsApp by Meta Platforms contains an incorrect authorization vulnerability caused by incomplete authorization checks for synchronizing messages on linked devices. This may allow unauthorized users to trigger and process arbitrary URLs on the target device.

【Affected Platforms】Please refer to the affected versions listed in the official advisory: https://www.facebook.com/security/advisories/cve-2025-55177

3.【CVE-2023-50224】TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability (CVSS v3.1: 6.5)

【Ransomware Exploitation: Unknown】 TP-Link TL-WR841N contains an authentication bypass vulnerability through spoofing, located in the httpd service (default listening on TCP port 80). This may result in leakage of stored credential information. The affected product may have reached End of Life (EoL) and/or End of Support (EoS). Users are advised to stop using this product.

【Affected Platform】TP-Link TL-WR841N V12

4.【CVE-2025-9377】TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability (CVSS v3.1: 7.2)

【Ransomware Exploitation: Unknown】 An OS command injection vulnerability exists in TP-Link Archer C7(EU) and TL-WR841N/ND(MS), located in the Parental Control page. The affected products may have reached End of Life (EoL) and/or End of Support (EoS). Users are advised to stop using these products.

【Affected Platforms】TP-Link TL-WR841N/ND(MS) V9 versions prior to 241108; TP-Link Archer C7(EU) V2 versions prior to 241108

5.【CVE-2025-38352】Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability (CVSS v3.1: 7.4)

【Ransomware Exploitation: Unknown】 A TOCTOU race condition vulnerability exists in the Linux Kernel, posing significant risks to confidentiality, integrity, and availability.

【Affected Platforms】 Linux kernel 2.6.36 to before 5.4.295 Linux kernel 5.5 to before 5.10.239 Linux kernel 5.11 to before 5.15.186 Linux kernel 5.16 to before 6.1.142 Linux kernel 6.2 to before 6.6.94 Linux kernel 6.7 to before 6.12.34 Linux kernel 6.13 to before 6.15.3 Linux kernel 6.16

6.【CVE-2025-48543】Android Runtime Use-After-Free Vulnerability (CVSS v3.1: 8.8)

【Ransomware Exploitation: Unknown】 A use-after-free vulnerability exists in Android Runtime, which may allow Chrome sandbox escape and lead to local privilege escalation.

【Affected Platforms】Please refer to the affected versions listed in the official advisory: https://source.android.com/security/bulletin/2025-09-01

7.【CVE-2025-53690】Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 9.0)

【Ransomware Exploitation: Unknown】 A deserialization of untrusted data vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud. This issue is related to the use of default machine keys. An attacker could exploit leaked ASP.NET machine keys to achieve remote code execution.

【Affected Platforms】Please refer to the affected versions listed in the official advisory: https://support.sitecore.com/kb"

Information Sharing Level: WHITE (Information content can be publicly disclosed)

[Recommended Actions]
1.【CVE-2020-24363】 The vendor has released security updates to fix this vulnerability. Please update to the relevant versions:

https://www.tp-link.com/us/support/download/tl-wa855re/v5/#Firmware

2.【CVE-2025-55177】 The vendor has released security updates to fix this vulnerability. Please update to the relevant versions:

https://www.facebook.com/security/advisories/cve-2025-55177

3.【CVE-2023-50224】 The vendor has released security updates to fix this vulnerability. Please update to the relevant versions:

https://www.tp-link.com/en/support/download/tl-wr841n/v12/#Firmware

4.【CVE-2025-9377】 The vendor has released security updates to fix this vulnerability. Please update to the relevant versions:

https://www.tp-link.com/us/support/faq/4308/

5.【CVE-2025-38352】 The vendor has released security updates to fix this vulnerability. Please update to the relevant versions:

https://git.kernel.org/stable/c/2c72fe18cc5f9f1750f5bc148cf1c94c29e106ff

https://git.kernel.org/stable/c/2f3daa04a9328220de46f0d5c919a6c0073a9f0b

https://git.kernel.org/stable/c/460188bc042a3f40f72d34b9f7fc6ee66b0b757b

https://git.kernel.org/stable/c/764a7a5dfda23f69919441f2eac2a83e7db6e5bb

https://git.kernel.org/stable/c/78a4b8e3795b31dae58762bc091bb0f4f74a2200

https://git.kernel.org/stable/c/c076635b3a42771ace7d276de8dc3bc76ee2ba1b

https://git.kernel.org/stable/c/c29d5318708e67ac13c1b6fc1007d179fb65b4d7

https://git.kernel.org/stable/c/f90fff1e152dedf52b932240ebbd670d83330eca

6.【CVE-2025-48543】 The vendor has released security updates to fix this vulnerability. Please update to the relevant versions:

https://source.android.com/security/bulletin/2025-09-01

7.【CVE-2025-53690】 The vendor has released security updates to fix this vulnerability. Please update to the relevant versions:

https://support.sitecore.com/kb