Zero-Day

Warning!! New WhatsApp Zero-Day Bug Let Hackers Control The App Remotely

Two critical zero-day vulnerability that WhatsApp had been known to exploit was silently fixed by WhatsApp. As a result of these security flaws, attackers would be able to remotely execute arbitrary code on both Android and iOS devices.

With over a billion users around the world using both Android and iPhone handsets, WhatsApp is one of the world’s most popular messenger apps thanks to its privacy-focused nature.

A hacker could have taken full control of an app on a user’s phone remotely by exploiting these two critical zero-day vulnerabilities.

New Zero-Day

The newly-identified vulnerabilities are:-

  • CVE-2022-36934: Integer Overflow Bug
  • CVE-2022-27492: Integer Underflow Bug

These two vulnerabilities were discovered by the internal security team of WhatsApp. These two security flaws were marked as “Critical” and received a score of 10/10.

By exploiting these vulnerabilities, a threat actor could perform several illicit activities:- 

  • Launch malware
  • Steal sensitive data
  • Watch over the user’s activities
  • Hack the entire device

As soon as the user attends the call, the code would run automatically on their device. Both critical vulnerabilities have been fixed, so the threat is no longer a concern.

According to WhatsApp Advisory “An integer overflow(CVE-2022-36934) in WhatsApp for Android prior to v2.22.16.12, Business for Android prior to v2.22.16.12, iOS prior to v2.22.16.12, Business for iOS prior to v2.22.16.12 could result in remote code execution in an established video call.”

“An integer underflow (CVE-2022-27492) in WhatsApp for Android prior to v2.22.16.2, WhatsApp for iOS v2.22.15.9 could have caused remote code execution when receiving a crafted video file.”

As a result of CVE-2022-36934, an attacker has been able to execute specially crafted arbitrary code without any involvement from the user during an established Video call.

The term “integer overflow”, also referred to as “wraparound”, occurs when the number of integers is increased in a particular place.

According to the GBHackers report, The CVE-2022-27492 vulnerability involves user interaction and allows remote code execution by threat actors. Video File Handler is a component that works with video files and has been known to have a code block issue. 

It is possible for a memory corruption vulnerability to be exploited if an unknown input is used.

Fixed versions

Here below we have mentioned the versions fixed:-

For CVE-2022-36934:

  • Android prior to v2.22.16.12
  • Business for Android prior to v2.22.16.12
  • iOS prior to v2.22.16.12
  • Business for iOS prior to v2.22.16.12

For CVE-2022-27492:

  • Android prior to v2.22.16.2
  • iOS v2.22.15.9

In the underground market, the 0-day vulnerabilities were estimated to sell for between $5k to $25k. Apart from this, GBHackers claimed:-

“It has not been detected that any of the vulnerabilities described above have been exploited in any way.”

In order to prevent being affected by these critical RCE bugs, the users are advised to update their WhatsApp Messenger to the latest version.

Also Read: CyberSecurity with Zero Trust Networking – Download Free E-Book

Tushar Subhra Dutta

Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

Lessons Learned from the CISA – Ivanti Cyberattack – 2024

In today's digital era, the frequency and sophistication of cyberattacks are on the rise, posing…

35 mins ago

Cisco Warns of Password Spraying Attacks Exploiting VPN Services

Password spraying is a technique hackers often take advantage of because it enables them to…

3 hours ago

GitLab Security Flaw Let Attackers Inject Malicious Scripts: Patch Now

GitLab has announced the release of updated versions for both its Community Edition (CE) and…

3 hours ago

Multiple Splunk Vulnerabilities Attackers Bypass SPL Safeguards : Patch Now

Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk…

8 hours ago

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report that highlights…

21 hours ago

C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance

In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers,…

22 hours ago