CERT-In has issued severity ratings of the vulnerability of using these apps in the older version as 'high'.
If you are using the older versions of social networking application WhatsApp and WhatsApp Business on iOS, you are vulnerable to cyber-attacks, claims the Indian cybersecurity agency, the Computer Emergency Response Team (CERT-In). As per media reports, CERT-In has issued severity ratings of the vulnerability of using these apps in the older version as ‘high’.
The two critical vulnerabilities pointed out by CERT-In in WhatsApp and WhatsApp Business are a Use-After-Free vulnerability and Improper Access Control Vulnerability. With User-After-Free vulnerability, a remote hacker can send a specifically crafted animated sticker to its target while putting a video call on hold and they will result in several events taking place together in sequence without the target’s knowledge. The Improper Access Control flaw let hackers access the target’s device even when locked and affect all versions before v2.20.200 version.
These vulnerabilities were disclosed by WhatsApp in security advisories and resolved with the November update and can lead to memory corruption of devices, software crash, execution of remote code or denial of service conditions. Since these vulnerabilities can affect iOS users with older versions of WhatsApp and WhatsApp Business, it is advisable they update the apps at the earliest from the App store to bridge the security gap.