WhatsApp Reveals Critical Vulnerabilities in Older App Versions That Let Attacker Exploit Phones via Video Call

WhatsApp bug would let an attacker exploit integer overflow, after which they can get access to execute their own code on a victim's smartphone.

Advertisement
By Agencies | Updated: 28 September 2022 19:29 IST
Highlights
  • Details regarding the vulnerability were revealed in a September update
  • CVE-2022-36934 was given a severity score of 9.8 out of 10
  • Head of WhatsApp's India payment business has quit

WhatsApp, in an update, shared a detailed issue related to vulnerability CVE-2022-36934

WhatsApp, Meta's instant messaging and calling service, has published details of a 'critical' vulnerability that has been patched in a newer version of the app but might still affect older installed versions that have not been updated.

The details regarding the vulnerability were revealed in a September update of WhatsApp's page on security advisories affecting the app and came to light on September 23.

Advertisement

WhatsApp, in the update, shared a detailed issue related to vulnerability CVE-2022-36934, according to which "an integer overflow in WhatsApp for Android prior to v2.22.16.12, Business for Android prior to v2.22.16.12, iOS prior to v2.22.16.12, Business for iOS prior to v2.22.16.12 could result in remote code execution in an established video call."

According to the details, the bug would let an attacker exploit integer overflow, after which they can get access to execute their own code on a victim's smartphone through a specially crafted video call.

Advertisement

This vulnerability has been given a severity score of 9.8 out of 10 on the CVE scale.

In the same security advisory update, WhatsApp also explained another vulnerability, CVE-2022-27492. According to the social media company, "an integer underflow in WhatsApp for Android prior to v2.22.16.2, WhatsApp for iOS v2.22.15.9 could have caused remote code execution when receiving a crafted video file."

Advertisement

This said, the bug would let attackers execute the code on the victim's smartphone using a malicious video file. The vulnerability was scored 7.8 out of 10.

In an India-related development for the social media platform, the head of WhatsApp's India payment business, Manesh Mahatme, has quit after more than a year with the Meta Platforms-owned company to join Amazon India, a source told Reuters on Thursday.

Advertisement

Mahatme's exit comes at a critical time for WhatsApp, which is seeking to ramp up its payments service in a highly competitive market and lock horns with more established players such as Alphabet's Google Pay, Ant Group-backed Paytm and Walmart's PhonePe.

During his stint at WhatsApp Pay, the company won regulatory approval to more than double its payments offering to 100 million users in India, its biggest market with more than half a billion users overall.


Missed Apple's WWDC 2022? We discuss every major announcement on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

 

Affiliate links may be automatically generated - see our ethics statement for details.
 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: whatsapp, whatsapp bug, meta
Advertisement

Related Stories

Popular Mobile Brands
  1. Redmi Note 17, Poco M8 Plus Reportedly Spotted on BIS Ahead of Debut
  2. Amazon Prime Day Refrigerator Deals 2026: Up to 50% Off LG, Bosch and More
  3. Xiaomi 18 Pro Max Prototype Leaked With Dual 200MP Cameras, 100W Charging
  4. Samsung Galaxy F70 Pro Bluetooth SIG Listing Hints at Imminent Launch
  1. Nothing Ear 3a Spotted in Leaked Renders That Leave Little to the Imagination Ahead of Their Debut
  2. Vivo G5i, Vivo G5z Launched With 7,200mAh Battery, Snapdragon 4 Gen 2 SoC: Price, Features
  3. Redmi Note 17 and Poco M8 Plus Appear on BIS Certification Database, Might Launch in India Soon: Report
  4. Stablecoin Transactions Hit Record $1.79 Trillion in June, Analytics Show
  5. South Africa Proposes Crypto Tax Guidance Under Existing Framework
  6. Insta360 X6 Could Launch Soon With Larger Sensor, US FCC Listing Suggests
  7. Vivo V80 Series Price Range in India, Launch Timeline Tipped Along With Key Specifications, Features
  8. Huawei Pura 90 Series Global Launch Set for July 14; Pura 90s Pro Max Teased
  9. Apple Brings Back Card Payments for App Store and iCloud Transactions in India After Five Years
  10. Samsung Galaxy Z Fold 8 Series Tipped to Launch With a New Hinge to Minimise Display Crease
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.