Statement on Tapo L530 and Tapo App Vulnerabilities

Security Advisory
Updated 09-27-2024 09:04:12 AM 14367

Associated CVE ID

CVE-2023-38906, CVE-2023-38908, CVE-2023-38909

TP-Link is aware that researchers have disclosed a set of vulnerabilities in Tapo L530 and Tapo App.

At TP-Link, customer security comes first. TP-Link is investigating and will keep updating this advisory as more information becomes available.

Affected TP-Link Products

Tapo L530(including L530B & L530E) with firmware version 1.0.x or earlier

Tapo App with version 2.17.x or earlier

Solution

TP-Link has released new firmware and app to fix the vulnerabilities. Please update your TP-Link devices and application to the latest versions to get rid of them.

Products

Fixed Version

Release State

Tapo L530(EU/US) V1

1.3.0 or later versions

Fully released

Tapo L530(TW) V1

1.1.0 or later versions

Fully released

Tapo L530(KR) V1

1.1.0 or later versions

Fully released

Tapo L530(EU/US) V2

1.1.0 or later versions

Fully released

Tapo L530(EU) V3

1.1.0 or later versions

Fully released

Tapo App

2.18.x or later versions

Fully released

How to upgrade the firmware of Tapo L530: https://www.tp-link.com/support/faq/2621/

How to upgrade the Tapo App: Go to APP Store or Play Store, search TP-Link Tapo and tap Update.

If you want to update the new firmware/app right away, please Contact Technical Support for the beta version.

Disclaimer

The vulnerabilities will remain if you do not take all recommended actions. TP-Link cannot bear any responsibility for consequences that could have been avoided by following the recommendations in this statement.

Revision History

2023-08-23 Published advisory

2023-09-12 Updated Solution

Is this faq useful?

Your feedback helps improve this site.

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

From United States?

Get products, events and services for your region.