Country’s cyber security agency CERT-In has cautioned WhatsApp users about specific vulnerabilities detected in the well known messaging application that lead to breach of sensitive information.
A “high” severity rating advisory issued by the CERT-In, or the Indian Computer Emergency Response Team, said the vulnerability has been detected in software that has “WhatsApp and WhatsApp Business for Android prior to v2.21.4.18 and WhatsApp and WhatsApp Business for iOS prior to v2.21.32.”
The v2.21.4.18 and v2.21.32 means the versions of the WhatsApp messenger that are downloaded by users for using the platform on their mobile or PC devices.
The CERT-In is the national technology arm to combat cyber attacks and guarding the Indian the internet.
“Different vulnerabilities have been reported for in WhatsApp applications which could allow a remote attacker to execute arbitrary code or access sensitive information on a targeted system,” the advisory issued on Saturday said.
Describing the risk in detail, it said that these vulnerabilities “exist in WhatsApp applications due to a cache configuration issue and missing bounds check within the audio decoding pipeline.”
“Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code or access sensitive information on a targeted system,” it said.
The warning added that users of the application should updated the latest version of WhatsApp from Google Play Store or iOS App Store to counter the vulnerability threat.
