CVE-2025-9293
Awaiting Analysis Awaiting Analysis - Queue
TLS Certificate Validation Bypass Allows Man-in-the-Middle Attacks

Publication date: 2026-02-13

Last updated on: 2026-04-01

Assigner: TPLink

Description
A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the communication channel. Successful exploitation may compromise confidentiality, integrity, and availability of application data.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-13
Last Modified
2026-04-01
Generated
2026-06-16
AI Q&A
2026-02-13
EPSS Evaluated
2026-06-14
NVD
CVE-2025-9293
Affected Vendors & Products
Showing 14 associated CPEs
Vendor Product Version / Range
tp-link aginet to 2.13.6 (exc)
tp-link deco to 3.9.163 (exc)
tp-link festa to 1.7.1 (exc)
tp-link kasa to 3.4.350 (exc)
tp-link kidshield to 1.1.21 (exc)
tp-link omada to 4.25.25 (exc)
tp-link omada_guard to 1.1.28 (exc)
tp-link tapo to 3.14.111 (exc)
tp-link tether to 4.12.27 (exc)
tp-link tp-partner to 2.0.1 (exc)
tp-link tpcamera to 3.2.17 (exc)
tp-link vigi to 2.7.70 (exc)
tp-link wi-fi_navi to 1.5.5 (exc)
tp-link wifi_toolkit to 1.4.28 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-295 The product does not validate, or incorrectly validates, a certificate.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-9293 is a high-severity vulnerability found in multiple TP-Link mobile applications. It stems from insufficient certificate validation during TLS communications, causing the applications to accept untrusted or improperly validated server identities.

This flaw allows an attacker who is positioned within a privileged network (man-in-the-middle) to intercept or modify the encrypted traffic between the mobile app and its server.

Successful exploitation compromises the confidentiality, integrity, and availability of the application data.

Impact Analysis

If exploited, this vulnerability can allow an attacker to intercept or alter the data transmitted between your TP-Link mobile application and its server.

This can lead to exposure of sensitive information, unauthorized data modification, and disruption of application services, thereby compromising confidentiality, integrity, and availability of your application data.

Users who do not update their affected TP-Link mobile applications remain vulnerable to man-in-the-middle attacks.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, users of affected TP-Link mobile applications should immediately update to the latest versions available on the Google Play Store.

  • Update Tapo to version 3.14.111 or later.
  • Update Kasa to version 3.4.350 or later.
  • Update Omada to version 4.25.25 or later.
  • Update Omada Guard to version 1.1.28 or later.
  • Update Tether to version 4.12.27 or later.
  • Update Deco to version 3.9.163 or later.
  • Update Aginet to version 2.13.6 or later.
  • Update tpCamera to version 3.2.17 or later.
  • Update WiFi Toolkit to version 1.4.28 or later.
  • Update Festa to version 1.7.1 or later.
  • Update Wi-Fi Navi to version 1.5.5 or later.
  • Update KidShield to version 1.1.21 or later.
  • Update TP-Partner to version 2.0.1 or later.
  • Update VIGI to version 2.7.70 or later.

Note that iOS applications are not affected by this issue.

Failure to update leaves the applications vulnerable to man-in-the-middle attacks, potentially exposing sensitive data and compromising application security.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9293. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart