PT-2020-15163 · Facebook · Whatsapp For Ios+1

Published

2020-11-03

Updated

2020-11-06

CVE-2020-1909

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WhatsApp for iOS versions prior to 2.20.111 WhatsApp Business for iOS versions prior to 2.20.111

Description A use-after-free issue in the logging library could result in memory corruption, crashes, and potentially code execution. This issue could occur when receiving an animated sticker while placing a WhatsApp video call on hold, provided several specific events happened in sequence.

Recommendations For WhatsApp for iOS versions prior to 2.20.111, update to version 2.20.111 or later. For WhatsApp Business for iOS versions prior to 2.20.111, update to version 2.20.111 or later.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2020-1909

Affected Products

Whatsapp Business For Ios

Whatsapp For Ios

PT-2020-15163 · Facebook · Whatsapp For Ios+1

CVE-2020-1909

Weakness Enumeration

Related Identifiers

Affected Products

References · 3