New Delhi: The Indian cyber agency CERT-In on Wednesday warned WhatsApp users of multiple bugs which could be exploited by a remote attacker to execute arbitrary code on the targeted system.
In an advisory, CERT-In, under the IT Ministry, described two remote code execution vulnerabilities in Meta-owned WhatsApp in both Android and iOS versions.
The first vulnerability exists in WhatsApp due to integer overflow.
“A remote attacker could exploit this vulnerability to execute remote code in an established video call,” warned the cyber agency.
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system, said CERT-In.
Hackers can also exploit a second vulnerability in WhatsApp by sending a specially-crafted video file that can put users’ information at risk.
CERT-In advised WhatsApp users to install latest security updates.
WhatsApp has nearly 500 million users in the country, according the third-party reports.