CVE-2022-36934
published 2022-09-22

CVE-2022-36934: An integer overflow in WhatsApp could result in remote code execution in an established video call.

Priority: P2 · 60 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.93% (77.5th percentile)

Affected (6 ranges)

Vendor     Product                         Version range                  Fixed in
meta       whatsapp_business_for_android   >= unspecified < 2.22.16.12    2.22.16.12
meta       whatsapp_business_for_ios       >= unspecified < 2.22.16.12    2.22.16.12
meta       whatsapp_for_android            >= unspecified < 2.22.16.12    2.22.16.12
meta       whatsapp_for_ios                >= unspecified < 2.22.16.12    2.22.16.12
whatsapp   whatsapp                        < 2.22.16.12                   2.22.16.12
whatsapp   whatsapp_business               < 2.22.16.12                   2.22.16.12

Detection & IOCs (extracted from sources)

  • Flag WhatsApp for Android versions prior to v2.22.16.12 as vulnerable to CVE-2022-36934
  • Flag WhatsApp Business for Android versions prior to v2.22.16.12 as vulnerable to CVE-2022-36934
  • Flag WhatsApp for iOS versions prior to v2.22.16.12 as vulnerable to CVE-2022-36934
  • Flag WhatsApp Business for iOS versions prior to v2.22.16.12 as vulnerable to CVE-2022-36934
  • Use Qualys QQL query to identify unpatched WhatsApp assets in mobile device inventory
  • Use Qualys QID 630827 to detect CVE-2022-36934 and CVE-2022-27492 on enrolled mobile assets
  • CVE-2022-36934 is exploitable only during an established video call (not passive/unauthenticated); exploitation requires an active video call session with the victim
  • Qualys QID 630827 detection is available in signature version SEM VULNSIGS-1.0.0.69 and is not tied to a specific Cloud Agent version

CVSS provenance

Source   Version   Score   Severity   Vector
nvd      v3.1      9.8     CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cisa               7.8     HIGH