WhatsApp has recently patched multiple security vulnerabilities affecting its messaging applications for iOS, macOS, and Windows. One of the flaws, CVE-2025-55177, is believed to have been exploited in the wild alongside a recently disclosed Apple zero-day (CVE-2025-43300) as part of sophisticated spyware campaigns targeting specific individuals.
CVE-2025-55177 Linked Device Synchronization Flaw
The vulnerability, found internally by the WhatsApp Security Team, stemmed from incomplete authorization of linked device synchronization messages: in effect, the client did not sufficiently verify that a sync message actually came from a device linked to the recipient's own account before acting on it. If exploited, it could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target's device. That matters because it hands an attacker a delivery channel: attacker-controlled data reaches the client's parsers without the target sending, opening, or clicking anything.
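To make the authorization gap concrete, here is an added, deliberately simplified model of a sync-message handler. It is not WhatsApp's code; the message fields, the account and device identifiers, and the `fetch_media` stand-in are assumptions. The vulnerable variant checks only that the message is addressed to the account; the hardened variant also requires that the sender be the same account and a device enrolled in its linked-device set before any URL is processed.

```python
"""Illustrative model of authorizing linked-device sync messages.

Added example, not WhatsApp's code. The SyncMessage fields, Account model
and fetch_media hook are assumptions used to show the check, not the real
protocol. Sender identity is assumed to be supplied by an authenticated
transport; the check below is only meaningful if it cannot be forged.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class SyncMessage:
    sender_account: str   # account the transport says sent this (assumed field)
    sender_device: str    # device identifier of the sender (assumed field)
    target_account: str   # account the message is addressed to
    media_url: str        # URL the receiving device is asked to fetch and process


@dataclass
class Account:
    account_id: str
    linked_devices: set[str] = field(default_factory=set)
    fetched: list[str] = field(default_factory=list)  # record of URLs actually processed


def fetch_media(account: Account, url: str) -> None:
    """Stand-in for the media pipeline (assumed): records the fetch instead of downloading."""
    account.fetched.append(url)


def handle_sync_vulnerable(account: Account, msg: SyncMessage) -> bool:
    """Vulnerable pattern: any message addressed to us is treated as our own device's sync."""
    if msg.target_account != account.account_id:
        return False
    # No check on who sent it: an unrelated account reaches the URL fetch.
    fetch_media(account, msg.media_url)
    return True


def handle_sync_hardened(account: Account, msg: SyncMessage) -> bool:
    """Hardened: a sync message must come from this account AND from an enrolled device."""
    if msg.target_account != account.account_id:
        return False
    if msg.sender_account != account.account_id:
        return False  # cross-account "sync" is never legitimate
    if msg.sender_device not in account.linked_devices:
        return False  # unknown device, even if it claims our account id
    fetch_media(account, msg.media_url)
    return True


if __name__ == "__main__":
    # Constructed sample traffic: one genuine sync, one from an unrelated account.
    legit = SyncMessage("victim", "desktop-1", "victim", "https://example.test/media/1")
    rogue = SyncMessage("attacker", "attacker-dev", "victim", "https://attacker.test/payload")
    for handler in (handle_sync_vulnerable, handle_sync_hardened):
        acct = Account("victim", {"phone", "desktop-1"})
        handler(acct, legit)
        handler(acct, rogue)
        print(handler.__name__, "fetched:", acct.fetched)
```

The point of the hardened check is that both conditions are needed: a forged sender account is caught by the first comparison, and a correct account id paired with a device that was never linked is caught by the second. Authorization has to be enforced before the URL is touched, because once the fetch happens the parser bugs downstream are in play.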
Affected Versions
- WhatsApp for iOS prior to v2.25.21.73 (patched July 28, 2025)
- WhatsApp Business for iOS prior to v2.25.21.78 (patched August 4, 2025)
- WhatsApp for Mac prior to v2.25.21.78 (patched August 4, 2025)
Meta confirmed that the flaw may have been chained with CVE-2025-43300, an Apple ImageIO vulnerability disclosed by Apple on August 20, 2025. That vulnerability is an out-of-bounds write that could lead to memory corruption when processing a maliciously crafted image. Apple warned it had already been weaponized in "extremely sophisticated attacks" against targeted users. The two fit together naturally: the sync message supplies the URL, the device fetches the image, and ImageIO parses it, so the authorization bug is the delivery vector and the parser bug is the memory-corruption primitive.
According to Donncha Ó Cearbhaill, Head of the Security Lab at Amnesty International, WhatsApp has notified fewer than 200 individuals who were likely targeted in the past 90 days with spyware leveraging CVE-2025-55177; the exact number has not been disclosed.
The campaign is described as a “zero-click” attack, meaning no user interaction, such as clicking a link, was required for compromise. Targets reportedly include civil society members, journalists, and human rights defenders.
WhatsApp has recommended that affected individuals perform a full device factory reset and keep both their operating system and WhatsApp application updated for maximum protection.
CVE-2025-30401 Windows Spoofing Flaw
In addition to the iOS and macOS patches, WhatsApp addressed a separate vulnerability, CVE-2025-30401, affecting WhatsApp for Windows prior to version 2.2450.6.
This spoofing issue arose because the client displayed an attachment according to its declared MIME type but chose the program used to open it based on the filename extension. An attacker could therefore send a file whose MIME type made it look like, say, an image or a document, while its extension mapped to an executable handler; a recipient who manually opened the attachment inside WhatsApp could end up executing arbitrary code rather than viewing the file. Unlike CVE-2025-55177, this required the recipient to open the attachment, so it is not a zero-click bug.
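The bug class is easy to reproduce in miniature. The following is an added example, not WhatsApp's code: the MIME and extension tables and the handler names are assumptions chosen to show the inconsistency, and the Windows trailing-dot/space normalization is included because Windows strips those characters when resolving a filename.

```python
"""Added example of the display-vs-handler mismatch class behind CVE-2025-30401.
Not WhatsApp's code: the tables and handler names are assumptions."""
import os

# How the attachment is presented to the user, keyed by the *declared* MIME type.
DISPLAY_BY_MIME = {
    "image/jpeg": "image",
    "image/png": "image",
    "application/pdf": "document",
    "text/plain": "document",
}

# What the OS does when the file is opened, keyed by the *filename extension*.
HANDLER_BY_EXT = {
    ".jpg": "image_viewer", ".jpeg": "image_viewer", ".png": "image_viewer",
    ".pdf": "pdf_reader", ".txt": "text_editor",
    ".exe": "execute", ".bat": "execute", ".cmd": "execute", ".scr": "execute",
}

# Extensions a given MIME type is allowed to carry (used by the hardened check only).
EXTS_FOR_MIME = {
    "image/jpeg": {".jpg", ".jpeg"},
    "image/png": {".png"},
    "application/pdf": {".pdf"},
    "text/plain": {".txt"},
}


def _extension(filename: str) -> str:
    # Windows ignores trailing spaces and dots when resolving a name, so
    # "invoice.pdf.scr ." is opened as "invoice.pdf.scr"; normalise the same way
    # before deciding anything, or the check and the OS disagree.
    return os.path.splitext(filename.rstrip(" ."))[1].lower()


def open_attachment_vulnerable(filename: str, mime: str) -> tuple[str, str]:
    """Vulnerable pattern: render by MIME type, open by extension.

    Returns (what_the_user_sees, what_actually_runs)."""
    display = DISPLAY_BY_MIME.get(mime, "file")
    handler = HANDLER_BY_EXT.get(_extension(filename), "unknown")
    return display, handler


def open_attachment_hardened(filename: str, mime: str) -> tuple[str, str]:
    """Hardened: the extension must be one the declared MIME type may carry,
    and nothing is ever routed to an executable handler."""
    display = DISPLAY_BY_MIME.get(mime, "file")
    ext = _extension(filename)
    if ext not in EXTS_FOR_MIME.get(mime, set()):
        return display, "blocked"      # mismatch: still shown, but refused on open
    handler = HANDLER_BY_EXT.get(ext, "unknown")
    if handler == "execute":           # defence in depth; unreachable via the allowlist
        return display, "blocked"
    return display, handler


if __name__ == "__main__":
    # Constructed sample attachments: one benign, two with crafted mismatches.
    samples = [
        ("photo.jpg", "image/jpeg"),
        ("photo.jpg.exe", "image/jpeg"),
        ("invoice.pdf.scr .", "application/pdf"),
    ]
    for name, mime in samples:
        print(name, mime, "vulnerable ->", open_attachment_vulnerable(name, mime),
              "hardened ->", open_attachment_hardened(name, mime))
```

The fix is to derive one trusted type and use it for both the preview and the open action. If the sender-declared MIME type must be honoured for display, it has to be reconciled with the extension before the file is handed to the shell, and anything that would resolve to an executable handler should be refused outright rather than merely warned about.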
Meta noted that there is no evidence of exploitation in the wild for CVE-2025-30401. The bug was reported via the Meta Bug Bounty program by an external researcher.
Broader Implications
These disclosures highlight the persistent threat posed by commercial spyware and nation-state surveillance operations, which continue to exploit zero-day vulnerabilities in widely used communication platforms. Civil society actors remain high-value targets due to their roles in advocacy, journalism, and human rights defense.
Meta has urged all users to ensure they are running the latest versions of WhatsApp and their respective operating systems to remain protected.
References
- WhatsApp Security Advisory – Meta Security Updates
- Apple Security Updates – Apple Support
- Amnesty International Security Lab – Amnesty Tech
- CISA Vulnerability Database – CISA Known Exploited Vulnerabilities Catalog