CVE-2022-36934 Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
1 min read
CVE-2022-36934 Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
Risk: Critical
CVE ID: CVE-2022-36934
CVSS Score: 9.8
Impacted Product: WhatsApp and WhatsApp Business for Android and iOS Up to 2.22.16.12
CVE-ID: CWE-190 & CWE-122
Published Date: 03 Oct 2022
Updated:
Vulnerability Threat & Description:
An integer overflow vulnerability in WhatsApp leading to remote code execution in an established video call. An attacker can exploit this vulnerability by manipulating the WhatsApp component Video Call Handler so that a heap-based buffer overflow can be triggered and WhatsApp Messenger can be taken over.
Remediation Level: Install Vender Security Update
Attack Vector: Network
Authentication requested: None
Privileges Required: None
Patch Available: Yes
Public Exploit available:
Attack Complexity: Low
User Interaction: None
Impact on:
• Confidentiality: High
• Integrity: None
• Availability: None
More Info: