Cybersecurity specialists reported the finding of a dangerous vulnerability in the WhatsApp app for Android devices. According to the report, successful exploitation of the flaw would allow threat actors to fully seize the affected device.
WhatsApp is currently the most popular instant messaging platform in the world, so this is a report that should be taken seriously. Below is a brief description of the flaw, in addition to its CVE tracking key and assigned score according to the Common Vulnerability Scoring System (CVSS).
Tracked as CVE-2021-24026, this flaw exists due to a boundary condition during the processing of audio calls made through the platform. Remote threat actors could initiate a specially designed audio stream during the target user’s call, trigger out-of-bounds writing, and execute arbitrary code on the user’s system
The vulnerability received a CVSS score of 7.7/10 and its exploitation would allow threat actors to take control of the target system. This flaw lies in the following versions of WhatsApp for Android: 2.19.2, 2.19.3, 2.19.4, 2.19.5, 2.19.6, 2.19.7, 2.19.11, 2.19.12, 2.19.14, 2.19.16, 2.19.17, 2.19.18, 2.19.19, 2.19.22, 2.19.27, 2.19.29, 2.19.31, 2.19.33, 2.19.34, 2.19.35, 2.19.38, 2.19.39, 2.19.41, 2.19.42, 2.19.45, 2.19.46, 2.19.50, 2.19.52, 2.19.53, 2.19.54, 2.19.55, 2.19.56, 2.19.57, 2.19.58, 2.19.59, 2.19.61, 2.19.63, 2.19.65, 2.19.69, 2.19.71, 2.19.73, 2.19.74, 2.19.75, 2.19.78, 2.19.79, 2.19.80, 2.19.81, 2.19.82, 2.19.83, 2.19.85, 2.19.92, 2.19.93, 2.19.95, 2.19.97, 2.19.98, 2.19.99, 2.19.100, 2.19.103, 2.19.104, 2.19.108, 2.19.109, 2.19.110, 2.19.111, 2.19.112, 2.19.113, 2.19.115, 2.19.116, 2.19.118, 2.19.119, 2.19.121, 2.19.123, 2.19.124, 2.19.126, 2.19.127, 2.19.128, 2.19.130, 2.19.131, 2.19.132, 2.19.133, 2.19.134, 2.19.138, 2.19.139, 2.19.143, 2.19.144, 2.19.145, 2.19.147, 2.19.148, 2.19.150, 2.19.151, 2.19.152, 2.19.153, 2.19.154, 2.19.156, 2.19.158, 2.19.159, 2.19.163, 2.19.165, 2.19.166, 2.19.167, 2.19.169, 2.19.170, 2.19.171, 2.19.173, 2.19.175, 2.19.176, 2.19.177, 2.19.178, 2.19.179, 2.19.180, 2.19.182, 2.19.184, 2.19.185, 2.19.187, 2.19.188, 2.19.189, 2.19.190, 2.19.191, 2.19.192, 2.19.193, 2.19.194, 2.19.196, 2.19.198, 2.19.199, 2.19.201, 2.19.202, 2.19.203, 2.19.204, 2.19.205, 2.19.206, 2.19.207, 2.19.208, 2.19.210, 2.19.211, 2.19.213, 2.19.215, 2.19.216, 2.19.218, 2.19.219, 2.19.220, 2.19.221, 2.19.222, 2.19.224, 2.19.226, 2.19.228, 2.19.230, 2.19.233, 2.19.234, 2.19.235, 2.19.237, 2.19.239, 2.19.243, 2.19.244, 2.19.245, 2.19.246, 2.19.247, 2.19.249, 2.19.251, 2.19.252, 2.19.254, 2.19.255, 2.19.256, 2.19.258, 2.19.259, 2.19.260, 2.19.262, 2.19.263, 2.19.264, 2.19.267, 2.19.269, 2.19.270, 2.19.272, 2.19.273, 2.19.274, 2.19.275, 2.19.276, 2.19.277, 2.19.278, 2.19.279, 2.19.285, 2.19.289, 2.19.291, 2.19.293, 2.19.294, 2.19.295, 2.19.296, 2.19.297, 2.19.298, 2.19.300, 2.19.302, 2.19.304, 2.19.306, 2.19.307, 2.19.308, 2.19.310, 2.19.311, 2.19.315, 2.19.318, 2.19.321, 2.19.324, 2.19.327, 2.19.328, 2.19.330, 2.19.331, 2.19.333, 2.20.11, 2.20.17, 2.20.35, 2.20.115, 2.20.117, 2.20.120, 2.20.121, 2.20.122, 2.20.123, 2.20.125, 2.20.126, 2.20.129, 2.20.130, 2.20.133, 2.20.135, 2.20.136, 2.20.137, 2.20.139, 2.20.140, 2.20.142, 2.20.143, 2.20.144, 2.20.145, 2.20.146, 2.20.148, 2.20.150, 2.20.152, 2.20.154, 2.20.156, 2.20.157, 2.20.161, 2.20.162, 2.20.163, 2.20.164, 2.20.166, 2.20.167, 2.20.169, 2.20.171, 2.20.172, 2.20.174, 2.20.175, 2.20.177, 2.20.179, 2.20.181, 2.20.186, 2.20.188, 2.20.189, 2.20.191, 2.20.192, 2.20.193, 2.20.193.2, 2.20.193.4, 2.20.193.9, 2.20.194.5, 2.20.194.6, 2.20.194.7, 2.20.194.8, 2.20.194.10, 2.20.194.11, 2.20.194.12, 2.20.194.13, 2.20.194.14, 2.20.195.2, 2.20.195.5, 2.20.195.9, 2.20.195.11, 2.20.195.13, 2.20.195.17, 2.20.196.2, 2.20.196.4, 2.20.196.7, 2.20.196.9, 2.20.196.10, 2.20.196.11, 2.20.196.16, 2.20.197.3, 2.20.197.4, 2.20.197.5, 2.20.197.6, 2.20.197.7, 2.20.197.9,