Exposure of Resource to Wrong Sphere in WhatsApp Messenger for Android and WhatsApp Business for Android

#VU52295 Exposure of Resource to Wrong Sphere in WhatsApp Messenger for Android and WhatsApp Business for Android

Published: 2021-04-18

Vulnerability identifier: #VU52295

Vulnerability risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2021-24027

CWE-ID: N/A

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
WhatsApp Messenger for Android
Mobile applications / Apps for mobile phones
WhatsApp Business for Android
Mobile applications / Apps for mobile phones

Vendor: WhatsApp

Description

The vulnerability allows a malicious application to gain access to sensitive information on the system.

The vulnerability exists due to a cache configuration issue. A malicious application installed on the device with access to external storage can read cached TLS data.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

WhatsApp Messenger for Android: 2.21.4.1 - 2.21.4.15

External links
http://www.whatsapp.com/security/advisories/2021/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Information disclosure in WhatsApp for Android and WhatsApp Business for Android