Warning!! New WhatsApp Zero-Day Bug Let Hackers Control The App Remotely

Two critical zero-day vulnerability that WhatsApp had been known to exploit was silently fixed by WhatsApp. As a result of these security flaws, attackers would be able to remotely execute arbitrary code on both Android and iOS devices.

With over a billion users around the world using both Android and iPhone handsets, WhatsApp is one of the world’s most popular messenger apps thanks to its privacy-focused nature.

A hacker could have taken full control of an app on a user’s phone remotely by exploiting these two critical zero-day vulnerabilities.

New Zero-Day

The newly-identified vulnerabilities are:-

EHA
  • CVE-2022-36934: Integer Overflow Bug
  • CVE-2022-27492: Integer Underflow Bug

These two vulnerabilities were discovered by the internal security team of WhatsApp. These two security flaws were marked as “Critical” and received a score of 10/10.

By exploiting these vulnerabilities, a threat actor could perform several illicit activities:- 

  • Launch malware
  • Steal sensitive data
  • Watch over the user’s activities
  • Hack the entire device

As soon as the user attends the call, the code would run automatically on their device. Both critical vulnerabilities have been fixed, so the threat is no longer a concern.

According to WhatsApp Advisory “An integer overflow(CVE-2022-36934) in WhatsApp for Android prior to v2.22.16.12, Business for Android prior to v2.22.16.12, iOS prior to v2.22.16.12, Business for iOS prior to v2.22.16.12 could result in remote code execution in an established video call.”

“An integer underflow (CVE-2022-27492) in WhatsApp for Android prior to v2.22.16.2, WhatsApp for iOS v2.22.15.9 could have caused remote code execution when receiving a crafted video file.”

As a result of CVE-2022-36934, an attacker has been able to execute specially crafted arbitrary code without any involvement from the user during an established Video call.

The term “integer overflow”, also referred to as “wraparound”, occurs when the number of integers is increased in a particular place.

According to the GBHackers report, The CVE-2022-27492 vulnerability involves user interaction and allows remote code execution by threat actors. Video File Handler is a component that works with video files and has been known to have a code block issue. 

It is possible for a memory corruption vulnerability to be exploited if an unknown input is used.

Fixed versions

Here below we have mentioned the versions fixed:-

For CVE-2022-36934:

  • Android prior to v2.22.16.12
  • Business for Android prior to v2.22.16.12
  • iOS prior to v2.22.16.12
  • Business for iOS prior to v2.22.16.12

For CVE-2022-27492:

  • Android prior to v2.22.16.2
  • iOS v2.22.15.9

In the underground market, the 0-day vulnerabilities were estimated to sell for between $5k to $25k. Apart from this, GBHackers claimed:-

“It has not been detected that any of the vulnerabilities described above have been exploited in any way.”

In order to prevent being affected by these critical RCE bugs, the users are advised to update their WhatsApp Messenger to the latest version.

Also Read: CyberSecurity with Zero Trust Networking – Download Free E-Book