An integer overflow in WhatsApp could result in remote code execution in an established video call.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWhatsapp
APPWhatsapp< 2.22.16.12Whatsapp Business
APPWhatsapp< 2.22.16.12
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2019-3568CRITICAL9.8⚠ KEVten sam produkt
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted ser...
CVE-2021-24043CRITICAL9.1ten sam produkt
A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business fo...
CVE-2021-24042CRITICAL9.8ten sam produkt
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23,...
CVE-2021-24041CRITICAL9.8ten sam produkt
A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business f...
CVE-2021-24035CRITICAL9.1ten sam produkt
A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Bu...