WhatsApp Fixes Zero-Click Vulnerability that Affects iOS, macOS Versions of the App

The WhatsApp bug, alongside a separate OS-level flaw on Apple platforms, could have been used to carry out targeted attacks.

Advertisement
Written by Akash Dutta, Edited by Ketan Pratap | Updated: 1 September 2025 13:28 IST
Highlights
  • The security flaw has been labelled CVE-2025-55177
  • WhatsApp has fixed the vulnerability
  • Apple had fixed the security flaw earlier this month

The company has reportedly found 200 potential victims of the flaw

Photo Credit: Unsplash/Mika Baumeister

WhatsApp has fixed a zero-click security vulnerability, which could have been used to carry out sophisticated attacks against targeted individuals, the company said. The flaw affected the Meta-owned messenger app's iOS and macOS versions, and could “trigger processing of content from an arbitrary URL on a target's device.” While the flaw itself was not particularly dangerous, a separate operating system-level vulnerability in Apple's platforms could enable direct hacking attempts against the devices. Notably, both security issues have been fixed.

WhatsApp Says Hackers Could Have exploited the Security Flaw

In a security update, WhatsApp detailed a zero-click flaw that could have been exploited by hackers to carry out a sophisticated attack against targeted users. The vulnerability, designated CVE-2025-55177, enabled “incomplete authorisation of linked device synchronisation messages,” and could have allowed an unrelated user to trigger the processing of content from an arbitrary URL on a target's device.

Advertisement

To explain, normally, when a user links devices (via WhatsApp Web or WhatsApp for Mac), messages between devices are only processed if they come from a legitimate and authorised source. However, in this case, these checks were incomplete, and a malicious actor could trick WhatsApp into processing content from a URL, even if it did not originate from an authenticated device.

As per the company, the vulnerability impacted WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78.

Advertisement

WhatsApp highlighted that, while the vulnerability itself would not have been deemed dangerous, the existence of an OS-level vulnerability on Apple platforms resulted in the possibility that hackers could break into targeted devices. Designated CVE-2025-43300, this vulnerability was fixed by the iPhone maker earlier this month. The company also urged users to update their devices immediately.

According to a TechCrunch report, Meta spokesperson Margarita Franklink said that the vulnerability was spotted and fixed a few weeks ago. Additionally, the company had sent fewer than 200 notifications to WhatsApp users who might have been affected by the security flaw.

Advertisement

WhatsApp for iOS and WhatsApp for macOS users should update their apps to the latest version, even if they did not receive any update from the company, to ensure their security.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: WhatsApp, iOS, macOS, Apple, Cybersecurity, Apps
Advertisement

Related Stories

Popular Mobile Brands
  1. This OnePlus N Series Smartphone Will Launch in India Soon
  2. OnePlus Could Exit India by 2027 as Part of Oppo's Restructuring Plans
  3. Realme C100x Launched in India: Price in India, Specs, and More
  4. UK Government Plans Social Media Curfews for Teenagers Under New Online Safety Rules
  5. Redmi Note 17 Could Launch in India on August 6, Tipster Claims
  6. Infinix Note 60 Pro Pininfarina Edition First Impressions
  1. UK Government Plans Social Media Curfews for Teenagers Under New Online Safety Rules
  2. Redmi Note 17 India Launch Tipped for August; Specifications to Differ From China Variant
  3. Google Pixel 11 Teased Ahead of August 12 Launch, Pixel Glow Feature Confirmed
  4. Realme C100x Launched in India With 8,000mAh Battery, 6.8-Inch Display: Price, Specifications
  5. Samsung Galaxy Z Fold 8, Galaxy Z Fold 8 Ultra Key Specifications Surface Online Before Anticipated Launch
  6. Apple Approaches Chip Startups for Potential Acquisitions as It Looks to Strengthen AI Efforts: Report
  7. Google Upgrades Gmail Help Me Write With Custom AI Email Edits
  8. ViewSonic ViewBoard IN04V-N Series Launched in India With AI Camera, 4K Interactive Display: Price, Specifications
  9. OnePlus Could Exit India by 2027 as Part of Oppo’s Global Restructuring Plans: Report
  10. Apple Intelligence Cleared for Use on iPhone in China, Will Rely on Chinese AI Models: Report
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.