Do you use WhatsApp? You should pay close attention – it contained 6 critical vulnerabilities

The WhatsApp communication application is popular worldwide and used by approximately 1.5 billion users[1]. Its advantage is an easy use and relatively good communication between individual users. However, the vulnerabilities do not avoid even this application, detected in its source code.

WhatsApp has issued a warning about 6 critical vulnerabilities that allow:

  • remote code execution while playing a specifically recorded push-to-talk message (both in the client for Android and for iPhone),
  • remote code execution while displaying a message in the WhatsApp Desktop application,
  • obtaining information from the device, including e-mails, browsing history and location,
  • access to financial information on a victim’s device,
  • taking control of the microphone and camera on a victim’s device.

Individual vulnerabilities are tracked as CVE-2020-1894, CVE-2020-1891, CVE-2020-1890, CVE-2020-1889, CVE-2020-1886 and CVE-2019-11928.

The National Cyber Security Centre SK-CERT recommends that all users update the WhatsApp application immediately:

  • for devices with iOS to version 2.20.35 and higher,
  • for Android devices to version 2.20.35 or higher or 2.20.20 and higher,
  • for the application desktop version to version 0.3.4932 and higher.



« Späť na zoznam