WhatsApp Remote Code Execution (RCE) Vulnerability

 In Security Alerts

From Alert

Attackers could remotely install surveillance malware on smartphones by simply calling the targeted phone. The WhatsApp call doesn’t even have to be answered and the spyware will erase the call logs from the devise, so the victim won’t be able to trace the attacker back.

Description

Remote code execution vulnerability has been discovered on WhatsApp which can be exploited by sending malicious packets to a targeted phone number. This vulnerability allows attackers to compromise devices using an advanced version of Pegasus spyware.
This is a buffer overflow vulnerability in WhatsApp VOIP (Voice over Internet Protocol) stack. An attacker would need to call a target and send rigged Secure Real-time Transport Protocol (SRTP) packets to the phone, allowing them to use the memory flaw in WhatsApp’s VOIP function to inject the spyware and control the device.

Affected Versions

• WhatsApp for Android prior to v2.19.134,
• WhatsApp Business for Android prior to v2.19.44,
• WhatsApp for iOS prior to v2.19.51,
• WhatsApp Business for iOS prior to v2.19.51,
• WhatsApp for Windows Phone prior to v2.18.348 and
• WhatsApp for Tizen prior to v2.18.15.

Impact

• Stealing sensitive information
• Remote code execution

Recommended actions

The patch was released on 13th May and all the users are advised to upgrade to the latest version of WhatsApp ASAP.
This can be done by updating the app through Google Play or the App Store.

More information and reference:

Recent Posts

Leave a Comment