Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2019-3568
HistoryMay 14, 2019 - 8:29 p.m.

CVE-2019-3568

2019-05-1420:29:03
CWE-122
CWE-119
[email protected]
web.nvd.nist.gov
1

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.7%

JSON

A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.

Affected configurations

NVD
Node
whatsappwhatsappRange<2.18.15tizen
OR
whatsappwhatsappRange<2.18.348windows_phone
OR
whatsappwhatsappRange<2.19.44businessandroid
OR
whatsappwhatsappRange<2.19.51iphone_os
OR
whatsappwhatsappRange<2.19.51businessiphone_os
OR
whatsappwhatsappRange<2.19.134android

Related

securelist 2
malwarebytes 1
thn 5
cisa_kev 1
threatpost 4
cisa 1
cve 1
attackerkb 1
cvelist 1
prion 1
nessus 1
googleprojectzero 1
fireeye 1
securelist
securelist
Fully equipped Spying Android RAT from Brazil: BRATA
2019-08-29 14:00:26
APT trends report Q2 2019
2019-08-01 10:00:05
malwarebytes
malwarebytes
WhatsApp fix goes live after targeted attack on human rights lawyer
2019-05-14 16:46:21
thn
thn
U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp
2024-03-02 06:23:00
Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones
2019-05-14 06:10:00
Experts Uncover Spyware Attacks Against Catalan Politicians and Activists
2022-04-19 10:26:00
cisa_kev
cisa_kev
WhatsApp VOIP Stack Buffer Overflow Vulnerability
2022-04-19 00:00:00
threatpost
threatpost
WhatsApp Zero-Day Exploited in Targeted Spyware Attacks
2019-05-14 12:58:25
BRATA Android RAT Steals Banking Info in Real Time
2019-09-04 15:01:58
β€˜CatalanGate’ Spyware Infections Tied to NSO Group
2022-04-19 16:04:33
cisa
cisa
Facebook Releases Security Advisory for WhatsApp
2019-05-14 00:00:00
cve
cve
CVE-2019-3568
2019-05-14 20:29:03
attackerkb
attackerkb
CVE-2019-3568
2019-05-14 00:00:00
cvelist
cvelist
CVE-2019-3568
2019-05-14 19:52:40
prion
prion
Buffer overflow
2019-05-14 20:29:00
nessus
nessus
Android Buffer Overflow in WhatsApp (CVE-2019-3568)
2024-03-08 00:00:00
googleprojectzero
googleprojectzero
TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln
2020-04-02 00:00:00
fireeye
fireeye
Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill β€” Intelligence for Vulnerability Management, Part One
2020-04-06 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.7%

JSON
Related for NVD:CVE-2019-3568
securelist2malwarebytes1thn5cisa_kev1threatpost4cisa1cve1attackerkb1cvelist1prion1nessus1googleprojectzero1fireeye1