Check Point discovers WhatsApp vulnerability in image filter

[German]Another brief security information for the few remaining WhatsApp users. Security researchers from Check Point have discovered a vulnerability in the WhatsApp image filter function that hackers could exploit. In the meantime, however, this vulnerability has been fixed with an update to the app.


Advertising

During an audit of the WhatsApp app, security researchers from Check Point® Software Technologies Ltd.

discovered a vulnerability in the messenger application. This vulnerability would have allowed hackers to access stored data on the device. The point of attack here was the image filters provided by the application.

During their research study, the security researchers found that switching between different filters for created GIF files caused WhatsApp to crash. The team identified one of the crashes as a memory corruption and immediately reported the issue to WhatsApp.

The CVE-2020-1910 vulnerability has been classified as an out-of-bounds read and write issue. To successfully exploit the vulnerability, an attacker would need to apply certain image filters to a specially crafted image and send the resulting image. WhatsApp has fixed the vulnerability by updating the app to version 2.21.2.13. Details about the vulnerability can be read in this document.


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in Security, Software and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.