Vulnerability in WhatsApp could remotely compromise a user’s device

November 18, 2019
by Valdis Koks
189 Views
2 min read

The Hacker News reports that the WhatsApp messenger recently fixed a critical vulnerability that could allow cybercriminals to remotely compromise a device and steal protected chat messages and files.

The vulnerability received the identifier CVE-2019-11931 and is a stack buffer overflow problem.

The error arose because WhatsApp parsed the elementary metadata stream in MP4 files. This gave attackers the opportunity to carry out a DoS attack or remotely execute arbitrary code.

All that was required for the remote operation of the bug was to know the phone number of the target and send it via WhatsApp a malicious MP4 file. Such a file could lead to the automatic installation of a backdoor or spyware application on a compromised device, effectively transferring control to the attackers”, – reports The Hacker News.

Vulnerability affected WhatsApp for all major platforms, including Google Android, Apple iOS and Microsoft Windows. According to the company’s Facebook, which owns the messenger, the list of vulnerable versions is as follows:

  • Android version up to 2.19.274
  • iOS version up to 2.19.100
  • Enterprise Client version up to 2.25.3
  • Windows Phone versions up to and including 2.18.368
  • Business for iOS versions up to 2.19.100

It is not yet known whether this vulnerability was exploited by cybercriminals before the developers released the update.

But journalists note that the problem is in many ways similar to another recently discovered WhatsApp vulnerability, due to the exploitation of which Facebook filed a lawsuit against the Israeli company NSO Group, which develops and sells spyware solutions and the so-called “legal malware”.

Read also: Unsuccessful Google experiment “broke” Chrome in companies around the world

The fact is that according to Facebook, NSO Group employees not only knew about that bug, but also used it to compromise the devices of more than 1,400 people in Bahrain, the United Arab Emirates and Mexico. If you consider yourself as one of the potential surveillance targets and have received a random, unexpected MP4 video file over WhatsApp from an unknown number in recent months, you should pay more attention to the upcoming developments of this event.

About the author

Valdis Koks

Security engineer, reverse engineering and memory forensics

View all posts

Leave a Comment