CVE-2025-9293

Insufficient Certificate Validation in Multiple Mobile Applications Allows Man in the Middle Interception

Description

A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position themselves within the communication channel. Successful exploitation may compromise confidentiality, integrity, and availability of application data.

INFO

Published Date :

2026-02-13T00:22:27.459Z

Last Modified :

2026-02-13T00:22:27.459Z

Source :

TPLink

AFFECTED PRODUCTS

The following products are affected by CVE-2025-9293 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-9293.

URL	Resource
https://www.tp-link.com/us/support/faq/4969/

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability