Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2019-3568
HistoryMay 14, 2019 - 8:29 p.m.

CVE-2019-3568

2019-05-1420:29:03
CWE-119
CWE-122
[email protected]
web.nvd.nist.gov
8

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.023

Percentile

89.7%

JSON

A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.

Affected configurations

Nvd
Node
whatsappwhatsappRange<2.18.15tizen
OR
whatsappwhatsappRange<2.18.348windows_phone
OR
whatsappwhatsappRange<2.19.44businessandroid
OR
whatsappwhatsappRange<2.19.51iphone_os
OR
whatsappwhatsappRange<2.19.51businessiphone_os
OR
whatsappwhatsappRange<2.19.134android
VendorProductVersionCPE
whatsappwhatsapp*cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:tizen:*:*
whatsappwhatsapp*cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:windows_phone:*:*
whatsappwhatsapp*cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:business:android:*:*
whatsappwhatsapp*cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:iphone_os:*:*
whatsappwhatsapp*cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:business:iphone_os:*:*
whatsappwhatsapp*cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:android:*:*

Related

thn 5
securelist 2
malwarebytes 1
cisa_kev 1
threatpost 4
attackerkb 1
cve 1
prion 1
cvelist 1
cisa 1
nessus 1
googleprojectzero 1
fireeye 1
thn
thn
U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp
2024-03-02 06:23:00
Experts Uncover Spyware Attacks Against Catalan Politicians and Activists
2022-04-19 10:26:00
Facebook Sues Israeli NSO Spyware Firm For Hacking WhatsApp Users
2019-10-29 21:06:00
securelist
securelist
Fully equipped Spying Android RAT from Brazil: BRATA
2019-08-29 14:00:26
APT trends report Q2 2019
2019-08-01 10:00:05
malwarebytes
malwarebytes
WhatsApp fix goes live after targeted attack on human rights lawyer
2019-05-14 16:46:21
cisa_kev
cisa_kev
WhatsApp VOIP Stack Buffer Overflow Vulnerability
2022-04-19 00:00:00
threatpost
threatpost
BRATA Android RAT Steals Banking Info in Real Time
2019-09-04 15:01:58
WhatsApp Zero-Day Exploited in Targeted Spyware Attacks
2019-05-14 12:58:25
A Brisk Private Trade in Zero-Days Widens Their Use
2020-04-06 21:05:06
attackerkb
attackerkb
CVE-2019-3568
2019-05-14 00:00:00
cve
cve
CVE-2019-3568
2019-05-14 20:29:03
prion
prion
Buffer overflow
2019-05-14 20:29:00
cvelist
cvelist
CVE-2019-3568
2019-05-14 19:52:40
cisa
cisa
Facebook Releases Security Advisory for WhatsApp
2019-05-14 00:00:00
nessus
nessus
Android Buffer Overflow in WhatsApp (CVE-2019-3568)
2024-03-08 00:00:00
googleprojectzero
googleprojectzero
TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln
2020-04-02 00:00:00
fireeye
fireeye
Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill β€” Intelligence for Vulnerability Management, Part One
2020-04-06 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.023

Percentile

89.7%

JSON
Related for NVD:CVE-2019-3568
thn5securelist2malwarebytes1cisa_kev1threatpost4attackerkb1cve1prion1cvelist1cisa1nessus1googleprojectzero1fireeye1