A security vulnerability has been identified in WhatsApp which would allow a remote attacker to install malicious code such as spyware, on a targeted mobile device by making a WhatsApp call. The attack could still succeed even if the call is not answered.
- WhatsApp for iOS prior to v2.19.51
- WhatsApp for Android prior to v2.19.134
- WhatsApp for Windows Phone prior to v2.18.348
- WhatsApp for Tizen prior to v2.18.15
- WhatsApp Business for Android prior to v2.19.44
- WhatsApp Business for iOS prior to v2.19.51
A successful exploitation of the vulnerability could lead to arbitrary code execution and information disclosure on affected systems.
Users of affected systems should update WhatsApp to the latest version offered by the official app stores to address the issue.