28
Set 2022
Vulnerability Alert - WhatsApp / WhatsApp Business
TYPE
Vulnerabilities
SYSTEMS AFFECTED
WhatsApp versions prior to 22.16.12
ECOSYSTEM
Android, iOS
Description
WhatsApp has released security updates to address two RCE vulnerabilities (CVE-2022-36934 and CVE-2022-27492) in its apps for Android and iOS. The first vulnerability affects both WhatsApp and WhatsApp Business in their versions prior to v2.22.16.12. On the other hand, the second vulnerability only affects WhatsApp for Android in the versions prior to v2.22.16.2, and WhatsApp for iOS in the versions prior to v2.22.15.9.
For technical details, please refer to [2].
Impact
It allows an attacker to achieve remote code execution.
Resolution
It is recommended to update the apps to their most recent version.
References