TP-Link Systems Inc. Receives CVE Numbering Authority Designation for Cybersecurity Vulnerability Management

IRVINE, Calif.--(BUSINESS WIRE)--TP-Link Systems Inc., a global leader in networking and smart home solutions, today announced its official authorization by the Common Vulnerability and Exposures Program (CVE®) as a CVE Numbering Authority (CNA). This designation empowers TP-Link to assign CVE IDs to certain vulnerabilities potentially related to its products, furthering its commitment to proactive cybersecurity measures.

The CVE Program is an international, community-driven initiative that identifies, defines, and catalogs publicly disclosed cybersecurity vulnerabilities. CNAs are organizations that are responsible for assigning CVE IDs and publishing detailed information about vulnerabilities, contributing to a more secure digital ecosystem. TP-Link’s new role as a CNA enhances its ability to respond swiftly to security threats and ensures greater transparency in vulnerability reporting.

“As cybersecurity threats continue to evolve, TP-Link remains dedicated to strengthening security across our product lines and fostering trust with our customers,” said Jeff Barney, President of TP-Link Systems Inc. “Becoming a CVE Numbering Authority underscores our proactive approach to responsible vulnerability disclosure and reaffirms our commitment to working with the security community to safeguard users worldwide.”

TP-Link’s CNA status builds upon its recent cybersecurity initiatives. The company is a proud signatory of the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) “Secure by Design” pledge and actively participates in CISA’s Secure by Design Technical Exchange Group. TP-Link also maintains a vulnerability disclosure program and sponsors a bug bounty program to encourage responsible reporting from security researchers.

Through its active participation in the CVE Program, TP-Link is taking a leadership role in vulnerability management, ensuring that security researchers, partners, and customers benefit from a streamlined and efficient process for identifying and addressing potential threats. This initiative reflects TP-Link’s broader mission to enhance transparency, improve product security, and collaborate with the cybersecurity community to build a safer internet for everyone.

About TP-Link Systems Inc.

Headquartered in the United States, TP-Link Systems Inc. is a global provider of reliable networking devices and smart home products, consistently ranked as the world’s top provider of Wi-Fi devices. The company is committed to delivering innovative products that enhance people’s lives through faster, more reliable connectivity. With a commitment to excellence, TP-Link serves customers in over 170 countries and continues to grow its global footprint.

About the CVE Program

The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.

The CVE Program is sponsored by the Cybersecurity and Infrastructure Security Agency (CISA), of the U.S. Department of Homeland Security (DHS) and is operated by the MITRE Corporation in close collaboration with international industry, academic, and government stakeholders.