Main Vulnerability Database Exploits ID:5304 - Exploit for Exposure of Resource to Wrong Sphere in WhatsApp Messenger for Android and WhatsApp Business for Android - CVE-2021-24027

ID:5304 - Exploit for Exposure of Resource to Wrong Sphere in WhatsApp Messenger for Android and WhatsApp Business for Android - CVE-2021-24027

Published: April 18, 2021

Vulnerability identifier: #VU52295

Vulnerability risk: Low

CVE-ID: CVE-2021-24027

CWE-ID:

Exploitation vector: Local access

Vulnerable software:
WhatsApp Messenger for Android
WhatsApp Business for Android

Link to public exploit:

https://github.com/CENSUS/whatsapp-mitd-mitm

Vulnerability description

The vulnerability allows a malicious application to gain access to sensitive information on the system.

The vulnerability exists due to a cache configuration issue. A malicious application installed on the device with access to external storage can read cached TLS data.

Remediation

Install updates from vendor's website.

ID:5304 - Exploit for Exposure of Resource to Wrong Sphere in WhatsApp Messenger for Android and WhatsApp Business for Android - CVE-2021-24027

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human