Two Remote Code Execution Vulnerabilities Patched in WhatsApp By Orbit Brain September 27, 2022 0 226 views House › VulnerabilitiesTwo Distant Code Execution Vulnerabilities Patched in WhatsAppBy Eduard Kovacs on September 27, 2022TweetWhatsApp has patched two critical vulnerabilities that could possibly be exploited for distant code execution.WhatsApp solely has three safety advisories for 2022, with the primary two launched in January and February. The newest advisory, launched this month, informs prospects of two memory-related points affecting the WhatsApp cellular purposes.One of many flaws, tracked as CVE-2022-36934 and rated ‘essential’, is an integer overflow concern that impacts WhatsApp for Android previous to 2.22.16.12, Enterprise for Android previous to 2.22.16.12, iOS previous to 2.22.16.12, and Enterprise for iOS previous to 2.22.16.12.In line with WhatsApp, an attacker can exploit the vulnerability for distant code execution throughout a video name.The second concern, a high-severity flaw tracked as CVE-2022-27492, is an integer underflow that may be exploited for distant code execution by sending a specifically crafted video file to the focused consumer. It has been patched in WhatsApp for Android and iOS with the discharge of variations 2.22.16.2 and a pair of.22.15.9, respectively.In line with cybersecurity agency Malwarebytes, CVE-2022-36934 impacts the Video Name Handler part, whereas CVE-2022-27492 impacts the Video File Handler part.The vulnerabilities seem to have been found internally and there’s no indication that they’ve been exploited within the wild.WhatsApp vulnerabilities could be extremely beneficial to malicious actors. There have been reviews in recent times of WhatsApp zero-days being exploited to put in malware on smartphones. WhatsApp has even filed a lawsuit in opposition to Israeli spy ware firm NSO Group for infecting prospects’ telephones.Exploit acquisition firm Zerodium is at present providing as much as $1 million for WhatsApp exploits that obtain distant code execution and native privilege escalation, and as much as $1.5 million if the exploit doesn’t require any consumer interplay.Associated: Swiss Military Knifes WhatsApp at WorkAssociated: Argentina Orders Fb to Droop WhatsApp Knowledge SharingAssociated: South Africa Opposes WhatsApp-Fb Knowledge SharingGet the Every day Briefing Most CurrentMost LearnProtection Big Elbit Confirms Knowledge Breach After Ransomware Gang Claims HackSamsung Sued Over Current Knowledge BreachesTwo Distant Code Execution Vulnerabilities Patched in WhatsAppAustralian Police Probe Purported Hacker’s Ransom DemandRussia Offers Citizenship to Ex-NSA Contractor Edward SnowdenUkraine Says Russia Planning ‘Huge Cyberattacks’ on Crucial InfrastructureHackers Leak French Hospital Affected person Knowledge in Ransom StruggleAustralia Mulls Harder Cybersecurity Legal guidelines After Knowledge BreachBreached American Airways E mail Accounts Abused for PhishingUK Teen Arrested Over Rockstar Video games, Uber HacksSearching for Malware in All of the Unsuitable Locations?First Step For The Web’s subsequent 25 years: Including Safety to the DNSTattle Story: What Your Laptop Says About YouBe in a Place to Act By way of Cyber Situational ConsciousnessReport Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant2010, A Nice Yr To Be a Scammer.Do not Let DNS be Your Single Level of Failure Determine Malware in a BlinkDefining and Debating Cyber WarfareThe 5 A’s that Make Cybercrime so Engaging Defend In opposition to DDoS AssaultsSafety Budgets Not in Line with ThreatsAnycast – Three Causes Why Your DNS Community Ought to Use ItThe Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering OrganizationsUtilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous EnterpriseShare this:FacebookXPrintEmailLinkedInRedditTwitterTumblrPinterestTelegramWhatsApp CVE-2022-27492 CVE-2022-36934 patch remote code execution Video vulnerability WhatsApp Orbit Brainhttps://orbitbrain.com/ Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy waysand much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.
Google Pays $45,000 for High-Severity Vulnerabilities Found in ChromeIntroducing the Cyber Security News Google Pays $45,000 for High-Severity Vulnerabilities Found in Chrome.... November 9, 2022 Cyber Security News
US Sanctions Crypto ‘Laundering’ Service TornadoIntroducing the Cyber Security News US Sanctions Crypto ‘Laundering’ Service Tornado.... August 9, 2022 Cyber Security News
Cisco Squashes High-Severity Bug in Web Protection SolutionIntroducing the Cyber Security News Cisco Squashes High-Severity Bug in Web Protection Solution.... August 19, 2022 Cyber Security News
South Korea Fines Google, Meta Over Privacy ViolationsIntroducing the Cyber Security News South Korea Fines Google, Meta Over Privacy Violations.... September 15, 2022 Cyber Security News
Twitter Finds No Evidence of Vulnerability Exploitation in Recent Data LeaksIntroducing the Cyber Security News Twitter Finds No Evidence of Vulnerability Exploitation in Recent Data Leaks.... January 12, 2023 Cyber Security News
Uber Confirms Hacker Accessed Internal Tools, Bug Bounty DashboardIntroducing the Cyber Security News Uber Confirms Hacker Accessed Internal Tools, Bug Bounty Dashboard.... September 20, 2022 Cyber Security News
Pantera Capital Plans $250M Solana (SOL) Buy, Analyst Predicts Record Rally Toward $1000March 8, 2024 74