contador javascript Saltar al contenido
Contact : alejandrasalcedo0288@gmail.com

WhatsApp vulnerabilities in 2019

When it comes to security, there are always several apps that come to mind and more if they are under the umbrella of Facebook. In this case they have made public up to 12 vulnerabilities that WhatsApp It has suffered throughout the year 2019, and they are already solved.

Of those 12 vulnerabilities, more than half were classified as critical. The strength of the matter is that the end user does not receive that information, but only the most insulous or "simple" vulnerabilities are reported, or some very serious and that need to be informed to the population. They are vulnerabilities declared in USA UU, but that some have crossed the borders reaching even Europe and Asia. All vulnerabilities are collected on the NVD website.

How to recover a suspended WhatsApp account

We are going to highlight 8 of the 12 vulnerabilities that WhatsApp has suffered throughout 2019:

CVE-2019-11927

This bug, or vulnerability, affected both WhatsApp for Android and iOS devices, and it is a messaging data from the messenger app's media library. This leak was perpetrated by a remote attacker with the sole intention of taking control of the account.

CVE-2019-11931

We are facing one of the most critical vulnerabilities that WhatsApp has suffered throughout 2019, and it is that with this fault that has been found in both Android and iOS, a leak was created from an MP4 file especially indicated for that user to click. Because of that, the malware attacked the device and the hacker had full control over him.

CVE-2019-11932

Here we see a vulnerability that directly affected the WhatsApp library, specifically to GIFs. Through this error, which was found in version 1.2.18 of WhatsApp for Android, the attackers could execute a code remotely to manipulate the library and display the GIFs they had designed, and through those GIFs they had access to the files of our mobile.

CVE-2019-11933

In this vulnerability, the thing was complicated because, if a version of WhatsApp prior to 2.19.291 was being used, we may be allowing the access to our account to the point of being canceled.

CVE-2019-18426

The desktop version of WhatsApp lower than 0.3.9309 combined with iPhone phones with a version before 2.20.10, was exposed to the sending of malicious messages that by clicking on them allow a hacker had access to our WhatsApp files.

CVE-2019-3566

This vulnerability comes into play the privacy and security of WhatsApp users for Android, since through this error a malicious user could Access even messages that have already been deleted.

CVE-2019-3568

An escape of quite important information, since this failure allows through WhatsApp VOIP calls, a remote code will be executed and will affect a specific telephone number.

This vulnerability was detected especially in Android, but also in iOS and in Windows Phone. For both normal WhatsApp and Business.

CVE-2019-3571

This bug has to do with the desktop version of WhatsApp, and affects it by allowing some malicious users to send messages to confuse the validation and show an incorrect extension. That is, by wanting to read the QR code to access the desktop version, we were giving our account access to a hacker.

Another of the serious vulnerabilities of WhatsApp in this 2019 was the well-known Spyware Pegasus malware. In his day it is said that this Spanish software had allowed several countries to control WhatsApp video calls of up to a total of 120 people.

On the other hand, it is worth mentioning a vulnerability that went around the world and that reached Spain causing terrible chaos. In this vulnerability, the attackers they changed the phone number of the members of the group for some symbol That was not a number. This fact brought WhatsApp into an infinite loop that was solved by restoring the phone factory.

There was another somewhat curious vulnerability that allows manipulate the name of the issuers, and linked to this ruling, there is another that allow to change (edit) the messages sent. The thing did not stay there, but changed the privacy settings, that is, when a member of the group is responded in private, that message was made public in the group.

As we see, WhatsApp is not as safe as they want us to believe, and it is that almost no app currently is. There are even privacy and security issues with antivirus such as Avast and AVG.

How to hide WhatsApp at work

Go: NVD

Rate this post