Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisa_kevCISACISA-KEV-CVE-2019-3568
HistoryApr 19, 2022 - 12:00 a.m.

WhatsApp VOIP Stack Buffer Overflow Vulnerability

2022-04-1900:00:00
CISA
www.cisa.gov
8
whatsapp
voip
buffer overflow
remote code execution
rtcp packets
vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.023

Percentile

89.7%

JSON

A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.

Related

thn 5
securelist 2
malwarebytes 1
attackerkb 1
threatpost 4
cve 1
cisa 1
prion 1
nvd 1
cvelist 1
nessus 1
googleprojectzero 1
fireeye 1
thn
thn
U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp
2024-03-02 06:23:00
Experts Uncover Spyware Attacks Against Catalan Politicians and Activists
2022-04-19 10:26:00
Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones
2019-05-14 06:10:00
securelist
securelist
Fully equipped Spying Android RAT from Brazil: BRATA
2019-08-29 14:00:26
APT trends report Q2 2019
2019-08-01 10:00:05
malwarebytes
malwarebytes
WhatsApp fix goes live after targeted attack on human rights lawyer
2019-05-14 16:46:21
attackerkb
attackerkb
CVE-2019-3568
2019-05-14 00:00:00
threatpost
threatpost
BRATA Android RAT Steals Banking Info in Real Time
2019-09-04 15:01:58
WhatsApp Zero-Day Exploited in Targeted Spyware Attacks
2019-05-14 12:58:25
A Brisk Private Trade in Zero-Days Widens Their Use
2020-04-06 21:05:06
cve
cve
CVE-2019-3568
2019-05-14 20:29:03
cisa
cisa
Facebook Releases Security Advisory for WhatsApp
2019-05-14 00:00:00
prion
prion
Buffer overflow
2019-05-14 20:29:00
nvd
nvd
CVE-2019-3568
2019-05-14 20:29:03
cvelist
cvelist
CVE-2019-3568
2019-05-14 19:52:40
nessus
nessus
Android Buffer Overflow in WhatsApp (CVE-2019-3568)
2024-03-08 00:00:00
googleprojectzero
googleprojectzero
TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln
2020-04-02 00:00:00
fireeye
fireeye
Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill β€” Intelligence for Vulnerability Management, Part One
2020-04-06 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.023

Percentile

89.7%

JSON
Related for CISA-KEV-CVE-2019-3568
thn5securelist2malwarebytes1attackerkb1threatpost4cve1cisa1prion1nvd1cvelist1nessus1googleprojectzero1fireeye1