WhatsApp Patches Critical RCE Vulnerabilities, Qualys Offers Detection & Patch Management
WhatsApp has recently addressed two critical remote code execution (RCE) vulnerabilities, CVE-2022-27492 and CVE-2022-36934, affecting various versions of its platforms. To assist organizations in identifying affected devices, Qualys has developed Qualys VMDR Mobile.
The first vulnerability, CVE-2022-27492, with a CVSSv3 base score of 7.8, impacts WhatsApp for Android v2.22.16.2 and WhatsApp for iOS v2.22.15.9. Exploiting this vulnerability could enable an attacker to install malware on the device. WhatsApp has since released a patch to fix this issue.
The second vulnerability, CVE-2022-36934, is more severe with a CVSSv3 base score of 9.8. It affects assets running WhatsApp for Android prior to v2.22.16.12, WhatsApp Business for Android prior to v2.22.16.12, WhatsApp for iOS prior to v2.22.16.12, and WhatsApp Business for iOS prior to v2.22.16.12. WhatsApp has also patched this vulnerability.
Qualys VMDR Mobile can help organizations identify assets running WhatsApp with the impacted versions. It also provides patch orchestration for Android devices. Qualys offers a free trial for 30 days to assist organizations in detecting vulnerabilities and monitoring critical device settings.
With the recent patches, WhatsApp has addressed critical and high-severity vulnerabilities affecting its platforms. Organizations can utilize Qualys VMDR Mobile to identify affected devices and manage patches, ensuring the security of their communications.
Read also:
- Unveiling the Less-Discussed Disadvantages of Buds - Revealing the Silent Story
- "In a daring decision, Battlefield 6 forgoes ray tracing - understanding the advantages this choice brings"
- Hackers allegedly responsible for mobile banking fraud in Kenya, as per the central bank, yet confidential sources hint at potential insider involvement
- Upcoming Amazon Hardware Event 2025: Anticipated Announcements
