CISA Orders Federal Agencies to Fix WhatsApp Zero-Click Exploit and TP-Link Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an order for federal agencies to address critical vulnerabilities, including a zero-click exploit in WhatsApp and a flaw in TP-Link devices. The WhatsApp vulnerability, exploited by an Iranian state-sponsored group, poses a significant threat to users worldwide.
CISA has added two critical flaws to its Known Exploited Vulnerabilities catalog. The first, CVE-2025-55177, is a zero-click exploit in WhatsApp that allows attackers to compromise devices and data without any user interaction. This vulnerability affects both iPhone and Android users, including civil society. WhatsApp has patched the flaw, but lingering risks remain.
The entity behind the WhatsApp attack, which has victimised users in the last 90 days, is attributed to the Iranian state-sponsored threat group known as 'Phosphorus' or APT35. CISA has ordered federal agencies to fix these identified vulnerabilities by September 23, 2025.
The second flaw, CVE-2020-24363, is a missing authentication flaw in TP-Link TL-WA855RE Wi-Fi extenders. This vulnerability allows unauthenticated attackers to factory reset the device and set a new admin password.
CISA's order underscores the urgency to address these critical vulnerabilities. While WhatsApp has patched the zero-click exploit, users are advised to ensure their apps are updated. For TP-Link users, changing passwords and keeping firmware up-to-date is crucial. Federal agencies must comply with CISA's directive by the given deadline to mitigate potential security breaches.
