Two Remote Code Execution Vulnerabilities Patched in WhatsApp By Orbit Brain September 27, 2022 0 272 viewsCyber Security News House › VulnerabilitiesTwo Distant Code Execution Vulnerabilities Patched in WhatsAppBy Eduard Kovacs on September 27, 2022TweetWhatsApp has patched two critical vulnerabilities that could possibly be exploited for distant code execution.WhatsApp solely has three safety advisories for 2022, with the primary two launched in January and February. The newest advisory, launched this month, informs prospects of two memory-related points affecting the WhatsApp cellular purposes.One of many flaws, tracked as CVE-2022-36934 and rated ‘essential’, is an integer overflow concern that impacts WhatsApp for Android previous to 2.22.16.12, Enterprise for Android previous to 2.22.16.12, iOS previous to 2.22.16.12, and Enterprise for iOS previous to 2.22.16.12.In line with WhatsApp, an attacker can exploit the vulnerability for distant code execution throughout a video name.The second concern, a high-severity flaw tracked as CVE-2022-27492, is an integer underflow that may be exploited for distant code execution by sending a specifically crafted video file to the focused consumer. It has been patched in WhatsApp for Android and iOS with the discharge of variations 2.22.16.2 and a pair of.22.15.9, respectively.In line with cybersecurity agency Malwarebytes, CVE-2022-36934 impacts the Video Name Handler part, whereas CVE-2022-27492 impacts the Video File Handler part.The vulnerabilities seem to have been found internally and there’s no indication that they’ve been exploited within the wild.WhatsApp vulnerabilities could be extremely beneficial to malicious actors. There have been reviews in recent times of WhatsApp zero-days being exploited to put in malware on smartphones. WhatsApp has even filed a lawsuit in opposition to Israeli spy ware firm NSO Group for infecting prospects’ telephones.Exploit acquisition firm Zerodium is at present providing as much as $1 million for WhatsApp exploits that obtain distant code execution and native privilege escalation, and as much as $1.5 million if the exploit doesn’t require any consumer interplay.Associated: Swiss Military Knifes WhatsApp at WorkAssociated: Argentina Orders Fb to Droop WhatsApp Knowledge SharingAssociated: South Africa Opposes WhatsApp-Fb Knowledge SharingGet the Every day Briefing Most CurrentMost LearnProtection Big Elbit Confirms Knowledge Breach After Ransomware Gang Claims HackSamsung Sued Over Current Knowledge BreachesTwo Distant Code Execution Vulnerabilities Patched in WhatsAppAustralian Police Probe Purported Hacker’s Ransom DemandRussia Offers Citizenship to Ex-NSA Contractor Edward SnowdenUkraine Says Russia Planning ‘Huge Cyberattacks’ on Crucial InfrastructureHackers Leak French Hospital Affected person Knowledge in Ransom StruggleAustralia Mulls Harder Cybersecurity Legal guidelines After Knowledge BreachBreached American Airways E mail Accounts Abused for PhishingUK Teen Arrested Over Rockstar Video games, Uber HacksSearching for Malware in All of the Unsuitable Locations?First Step For The Web’s subsequent 25 years: Including Safety to the DNSTattle Story: What Your Laptop Says About YouBe in a Place to Act By way of Cyber Situational ConsciousnessReport Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant2010, A Nice Yr To Be a Scammer.Do not Let DNS be Your Single Level of Failure Determine Malware in a BlinkDefining and Debating Cyber WarfareThe 5 A’s that Make Cybercrime so Engaging Defend In opposition to DDoS AssaultsSafety Budgets Not in Line with ThreatsAnycast – Three Causes Why Your DNS Community Ought to Use ItThe Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering OrganizationsUtilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise CVE-2022-27492 CVE-2022-36934 patch remote code execution Video vulnerability WhatsApp Orbit Brainhttp://orbitbrain.com/ Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy waysand much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.
Cyberattack Causes Trains to Stop in DenmarkIntroducing the Cyber Security News Cyberattack Causes Trains to Stop in Denmark.... November 4, 2022 Cyber Security News
Weaponized PLCs Can Hack Engineering Workstations in Attacks on Industrial OrgsIntroducing the Cyber Security News Weaponized PLCs Can Hack Engineering Workstations in Attacks on Industrial Orgs.... August 15, 2022 Cyber Security News
CISA Says ‘PwnKit’ Linux Vulnerability Exploited in AttacksIntroducing the Cyber Security News CISA Says ‘PwnKit’ Linux Vulnerability Exploited in Attacks.... June 28, 2022 Cyber Security News
Trend Micro Patches Another Apex One Vulnerability Exploited in AttacksIntroducing the Cyber Security News Trend Micro Patches Another Apex One Vulnerability Exploited in Attacks.... September 13, 2022 Cyber Security News
UK Warns Lawyers Not to Advise Ransomware PaymentsIntroducing the Cyber Security News UK Warns Lawyers Not to Advise Ransomware Payments.... July 12, 2022 Cyber Security News
Signal Discloses Impact From Twilio HackIntroducing the Cyber Security News Signal Discloses Impact From Twilio Hack.... August 16, 2022 Cyber Security News
