Critical WhatsApp Zero-Day Vulnerability Allows Remote Code Execution
Summary
| OEM | |
| Severity | Medium |
| CVSS Score | 5.4 |
| CVEs | CVE-2025-55177 |
| POC Available | No |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
A security vulnerability recently discovered in WhatsApp’s linked device feature that allows users to access WhatsApp across multiple devices, such as phones and computers.
CISA has added this flaw to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting its significance. The flaw allows attackers to send crafted messages that forced WhatsApp to load malicious content from a rogue website without any user interaction. WhatsApp and Apple already patched the issue and users are urged to update their apps immediately to stay protected.
| Vulnerability Name | CVE ID | Product Affected | Severity | Fixed Version |
| WhatsApp Incorrect Authorization Vulnerability | CVE-2025-55177 | Medium | 2.25.21.73 and later. WB iOS 2.25.21.78 and later. WhatsApp Desktop for Mac 2.25.21.78 and later. |
Technical Summary
The vulnerability was due to incomplete authorization of synchronization messages in WhatsApp’s linked device feature. This flaw allowed an attacker to send crafted sync messages that could trick WhatsApp into processing content from an arbitrary URL, even if the message came from an untrusted source.
This could result in WhatsApp loading and executing malicious content on the target device without any user interaction. The impact of the attack was significantly increased when combined with a separate Apple OS vulnerability (CVE-2025-43300), making it suitable for sophisticated, targeted exploitation.
| CVE ID | System Affected | Vulnerability Details | Impact |
| CVE-2025-55177 | WhatsApp for iOS (v2.22.25.2 to v2.25.21.72) WhatsApp Business for iOS (v2.22.25.2 to v2.25.21.77) WhatsApp Desktop for Mac (v2.22.25.2 to v2.25.21.77 | Incomplete authorization in the linked device sync feature allowed attackers to send crafted sync messages that caused WhatsApp to load content from an arbitrary URL without user interaction. This could be used to execute malicious code on the device. | Remote code execution, |
Remediation:
Update the WhatsApp in iOS and mac devices to the latest version
- WhatsApp for iOS: Update to v2.25.21.73 or latest version
- WhatsApp Business for iOS: Update to v2.25.21.78 or latest version
- WhatsApp Desktop for Mac: Update to v2.25.21.78 or latest version
Conclusion:
The WhatsApp vulnerability highlights the growing risks of zero-click attacks, where devices can be compromised without any user interaction. This flaw has been exploited in targeted attacks and poses a serious threat to user security and privacy. It is important for all users to keep their apps and operating systems up to date and follow trusted security recommendations
References:
Recent Posts
- Corporate Employees Targeted by Vidar Malware
- Network Security in Litecoin Compromised by ZeroDay Bug
- Cyber breach Incident Exposed Itron’s Internal System & Network
- Security Flaw in LMDeploy Exploited in 12 hours is CVE-2026-33626
- Enterprise Cyber Security Mapping up Structural Reset with AI Security
Recent Comments
Search
Recent Posts
- Corporate Employees Targeted by Vidar Malware 28 April 2026
- Network Security in Litecoin Compromised by ZeroDay Bug 27 April 2026
- Cyber breach Incident Exposed Itron’s Internal System & Network 27 April 2026
- Security Flaw in LMDeploy Exploited in 12 hours is CVE-2026-33626 24 April 2026
Archives
- April 2026 (18)
- March 2026 (17)
- February 2026 (15)
- January 2026 (15)
- December 2025 (15)
- November 2025 (24)
- October 2025 (30)
- September 2025 (25)
- August 2025 (22)
- July 2025 (27)
- June 2025 (23)
- May 2025 (19)
- April 2025 (18)
- March 2025 (21)
- February 2025 (18)
- January 2025 (22)
- December 2024 (10)
- November 2024 (8)
- October 2024 (6)
- September 2024 (3)
- October 2023 (9)
- June 2023 (3)
Recent Comments