Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-3568
HistoryMay 14, 2019 - 8:29 p.m.

CVE-2019-3568

2019-05-1420:29:00
CWE-119
[email protected]
web.nvd.nist.gov
1119
In Wild
1
whatsapp
voip
buffer overflow
remote code execution
cve-2019-3568
rtcp packets
security vulnerability

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.0%

JSON

A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.

Social References

More

Related

cisa 1
threatpost 4
thn 5
malwarebytes 1
securelist 2
prion 1
cisa_kev 1
attackerkb 1
nessus 1
googleprojectzero 1
fireeye 1
cisa
cisa
Facebook Releases Security Advisory for WhatsApp
2019-05-14 00:00:00
threatpost
threatpost
WhatsApp Zero-Day Exploited in Targeted Spyware Attacks
2019-05-14 12:58:25
BRATA Android RAT Steals Banking Info in Real Time
2019-09-04 15:01:58
β€˜CatalanGate’ Spyware Infections Tied to NSO Group
2022-04-19 16:04:33
thn
thn
Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones
2019-05-14 06:10:00
U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp
2024-03-02 06:23:00
Facebook Sues Israeli NSO Spyware Firm For Hacking WhatsApp Users
2019-10-29 21:06:00
malwarebytes
malwarebytes
WhatsApp fix goes live after targeted attack on human rights lawyer
2019-05-14 16:46:21
securelist
securelist
Fully equipped Spying Android RAT from Brazil: BRATA
2019-08-29 14:00:26
APT trends report Q2 2019
2019-08-01 10:00:05
prion
prion
Buffer overflow
2019-05-14 20:29:00
cisa_kev
cisa_kev
WhatsApp VOIP Stack Buffer Overflow Vulnerability
2022-04-19 00:00:00
attackerkb
attackerkb
CVE-2019-3568
2019-05-14 00:00:00
nessus
nessus
Android Buffer Overflow in WhatsApp (CVE-2019-3568)
2024-03-08 00:00:00
googleprojectzero
googleprojectzero
TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln
2020-04-02 00:00:00
fireeye
fireeye
Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill β€” Intelligence for Vulnerability Management, Part One
2020-04-06 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.0%

JSON
Related for CVE-2019-3568
cisa1threatpost4thn5malwarebytes1securelist2prion1cisa_kev1attackerkb1nessus1googleprojectzero1fireeye1