These two important vulnerabilities have been detailed on WhatsApp’s Safety Advisories web page. These bugs got here to mild on September 23, and have been fastened now with the newest replace.
The 2 important vulnerabilities with identification numbers — CVE-2022-36934 and CVE-2022-27492 — affected WhatsApp for Android, iOS, and Enterprise for Android, iOS apps.
The CVE-2022-3934 has been given a severity rating of 9.8 out of 10, making it a ‘important’ risk. In the meantime, the CVE-2022-27492 has been marked as a ‘excessive’ threat risk with a rating of seven.8 out of 10 on the CVE scale.
The important bugs would permit a foul actor to use a code error referred to as an integer overflow, permitting distant code execution on one’s smartphone throughout an “established video name” or via a “specifically crafted video file.”
Each of those zero-day vulnerabilities have been patched in current releases of WhatsApp. So, it’s extremely suggested to replace WhatsApp to the newest model in your cellphone.
Though, these bugs may nonetheless be a risk to customers’ of earlier variations of WhatsApp. As per the safety advisory, the bug may have an effect on: WhatsApp for Android previous to v188.8.131.52, WhatsApp for iOS previous to v184.108.40.206 WhatsApp Enterprise for Android previous to v220.127.116.11 and WhatsApp Enterprise for iOS previous to v18.104.22.168.