Buffer Overflow Vulnerability In WhatsApp VOIP [CVE-2019-3568]

CVE Number – CVE-2019-3568

Description: A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number.

Affected Versions: The issue affects WhatsApp for Android prior to v2.19.134

WhatsApp Business for Android prior to v2.19.44

WhatsApp for iOS prior to v2.19.51

WhatsApp Business for iOS prior to v2.19.51

WhatsApp for Windows Phone prior to v2.18.348

WhatsApp for Tizen prior to v2.18.15

WhatsApp said it was too early to know how many users had been affected by the vulnerability, although it added that suspected attacks were highly-targeted.

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.