XenonStack Recommends

Security Intelligence

Whatsapp CVE-2019-3568 and Zimbra CVE-2018-6882 Vulnerabilities

Parveen Bhandari | 22 August 2022

Subscription

XenonStack White Arrow

Thanks for submitting the form.

What is CVE-2019-3568?

WhatsApp VOIP Stack Buffer Overflow Vulnerability

This Vulnerability is a buffer overflow vulnerability in the WhatsApp VOIP stack that allows remote code execution of a series of specially crafted RTCP packets sent to a target phone number. 
The attacker has secret spyware installed on the victim through mobile device vulnerabilities. Targeted for voice calls on the iPhone or Android is enough. The call is not necessary to be answered by the target. The call cannot be traced because the spyware deletes the incoming call information from the present logs. This vulnerability can allow the attacker to take remote access to the victim's device, including text messages, call recording, contact information, location information, microphone, and camera data.

Impact of CVE-2019-3568

This vulnerability affects the following:

  •  Whatsapp android version prior to v2.19.134
  •  Whatsapp business version prior to v2.19.44
  • Whatsapp iOS prior to version v2.19.51
  • Whatsapp for windows prior to version v2.18.348
  • Whatsapp for Tizen prior to version v2.18.15
CVE ID  CVE-2019-3568
Vulnerability Name WhatsApp VOIP Stack Buffer Overflow Vulnerability
Vendor Meta Platform
Product Whatsapp
Date added to the catalog  2022-04-19
Description This vulnerability is a buffer overflow vulnerability in the WhatsApp VOIP stack that allows remote code execution of a series of specially crafted RTCP packets sent to a target phone number. 
Severity (out of 10)  9.8 (Critical) 
Remediation Users of WhatsApp are advised to upgrade to the latest version as soon as possible. The app can be updated through the google play store.
Cyber Security Services
End-to-End Proactive Solutions for empowering Advanced Threat Protection and Intelligence with Real-Time Analytics, Cyber Security Services

What is CVE-2018-6882?

Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability


Zimbra is an enterprise-class calendar, mail, and collaboration solution built for the cloud, both for private and public. The interface is browser-based. It can run on any device: smartphone, tablet, and laptop.
A vulnerability named Cross-site scripting (XSS) in ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite in the package before 8.7 Patch1 and before 8.8.7 enables remote attackers to inject HTML or web script via an e-mail attachment that contains a content-location header. If an e-mail is opened that contains one or more attachments, a link (tag) is made for every attachment. Sanitization is not performed, and an attacker can influence the value of the header, resulting in an injection of the arbitrary javascript or HTML. 

CVE ID  CVE-2018-6882
Vulnerability Name Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Vendor Zimbra
Product Collaboration Suite (ZCS)
Date added to the catalog  2022-04-19
Description Zimbra Collaboration Suite contains a vulnerability called cross-site scripting that allows an attacker to remotely inject arbitrary HTML or web script.
Severity (out of 10) 6.1 (Medium)
Impact This vulnerability was identified in ZCS version 8.8.7. This Vulnerability has affected all the ZCS versions from 8.5.0.
Remediation This vulnerability can be fixed with Zimbra Collaboration Suite Version 8.8.7.

Conclusion

These vulnerabilities will not be patched on time with the required remediations it can allow the attackers to remote access your device, including text messages, call recording, contact information, location information, microphone, and camera data.

Explore more critical vulnerabilities that can be leveraged by Adversaries in hacking your applications and their remediations