Deco P9 PLC security issue

Deco P9 PLC security issue

Deco P9 PLC security issue
Deco P9 PLC security issue
2 weeks ago - last edited Thursday
Model: Deco P9  
Hardware Version: V2
Firmware Version: 1.2.1_build_20240929_Beta

Deco p9 doesn't set random password for PLC encryption during device pairing.

Default password is used to encrypt PLC communcations.

 

This is severe security issue. Traffic between Deco P9 which are using PLC backhaul can be eavesedropped.

@David-TP 

 

Please address this issue to your dev team... this must be fixed.

  1      
  1      
#1
Options
1 Accepted Solution
Re:Deco P9 PLC security issue-Solution
a week ago - last edited Thursday

  @kld39 

Hi, Nice to see you again, and Thank you for your time and patience.

I have consulted the senior engineers and they are confident that there isn't any security concern about the PLC communications. We haven't received any similar feedback either.  So please make sure your current firmware is up-to-date and if you already noticed any potential risk, please feel free to contact our security team:

https://www.tp-link.com/en/press/security-advisory/

 

Thanks again and best regards.

Recommended Solution
  1  
  1  
#2
Options
1 Reply
Re:Deco P9 PLC security issue-Solution
a week ago - last edited Thursday

  @kld39 

Hi, Nice to see you again, and Thank you for your time and patience.

I have consulted the senior engineers and they are confident that there isn't any security concern about the PLC communications. We haven't received any similar feedback either.  So please make sure your current firmware is up-to-date and if you already noticed any potential risk, please feel free to contact our security team:

https://www.tp-link.com/en/press/security-advisory/

 

Thanks again and best regards.

Recommended Solution
  1  
  1  
#2
Options

Information

Helpful: 1

Views: 85

Replies: 1

Related Articles