WhatsApp vulnerabilities

Two "remote code execution" vulnerabilities affecting WhatsApp could allow attackers to gain complete control of a targeted user's mobile application.

The first vulnerability affects the Video Call Handler component where an attacker can exploit the app during a video call with a targeted user to take complete control of their WhatsApp app.

Versions which are affected by this vulnerability are:

  • WhatsApp for iOS and Android before version 2.22.16.12
  • WhatsApp Business for iOS and Android before version 2.22.16.12

The second vulnerability affects the Video File Handler component by sending a specially crafted video file to targeted users and convincing them to play it.

Versions affected by the second vulnerability are:

  • WhatsApp for Android before version 2.22.16.2
  • WhatsApp for iOS before version 2.22.15.9

WhatsApp users are strongly advised to update their application to the latest version immediately.