WhatsApp vulnerabilities in 2019

When it comes to security, there are always several apps that come to mind and more if they are under the umbrella of Facebook. In this case they have made public up to 12 vulnerabilities that WhatsApp It has suffered throughout the year 2019, and they are already solved.

Of those 12 vulnerabilities, more than half were classified as critical. The strength of the matter is that the end user does not receive that information, but only the most insulous or "simple" vulnerabilities are reported, or some very serious and that need to be informed to the population. They are vulnerabilities declared in USA UU, but that some have crossed the borders reaching even Europe and Asia. All vulnerabilities are collected on the NVD website.

How to recover a suspended WhatsApp account

We are going to highlight 8 of the 12 vulnerabilities that WhatsApp has suffered throughout 2019:


This bug, or vulnerability, affected both WhatsApp for Android and iOS devices, and it is a messaging data from the messenger app's media library. This leak was perpetrated by a remote attacker with the sole intention of taking control of the account.


We are facing one of the most critical vulnerabilities that WhatsApp has suffered throughout 2019, and it is that with this fault that has been found in both Android and iOS, a leak was created from an MP4 file especially indicated for that user to click. Because of that, the malware attacked the device and the hacker had full control over him.


Here we see a vulnerability that directly affected the WhatsApp library, specifically to GIFs. Through this error, which was found in version 1.2.18 of WhatsApp for Android, the attackers could execute a code remotely to manipulate the library and display the GIFs they had designed, and through those GIFs they had access to the files of our mobile.


In this vulnerability, the thing was complicated because, if a version of WhatsApp prior to 2.19.291 was being used, we may be allowing the access to our account to the point of being canceled.


The desktop version of WhatsApp lower than 0.3.9309 combined with iPhone phones with a version before 2.20.10, was exposed to the sending of malicious messages that by clicking on them allow a hacker had access to our WhatsApp files.


This vulnerability comes into play the privacy and security of WhatsApp users for Android, since through this error a malicious user could Access even messages that have already been deleted.


An escape of quite important information, since this failure allows through WhatsApp VOIP calls, a remote code will be executed and will affect a specific telephone number.

This vulnerability was detected especially in Android, but also in iOS and in Windows Phone. For both normal WhatsApp and Business.


This bug has to do with the desktop version of WhatsApp, and affects it by allowing some malicious users to send messages to confuse the validation and show an incorrect extension. That is, by wanting to read the QR code to access the desktop version, we were giving our account access to a hacker.

Another of the serious vulnerabilities of WhatsApp in this 2019 was the well-known Spyware Pegasus malware. In his day it is said that this Spanish software had allowed several countries to control WhatsApp video calls of up to a total of 120 people.

On the other hand, it is worth mentioning a vulnerability that went around the world and that reached Spain causing terrible chaos. In this vulnerability, the attackers they changed the phone number of the members of the group for some symbol That was not a number. This fact brought WhatsApp into an infinite loop that was solved by restoring the phone factory.