'Multiple Vulnerabilities In WhatsApp': India's Nodal Cybersecurity Agency Alerts About Risk Of Sensitive Data Leak

New Delhi: India's nodal cybersecurity agency CERT-In has alerted WhatsApp users by informing about certain vulnerabilities in the widely used messaging app that can potentially lead to a breach of sensitive information.

The CERT-In or the Indian Computer Emergency Response Team issued a "high" severity rating advisory over the vulnerability that has been detected in the platform. Softwares that have "WhatsApp and WhatsApp Business for Android prior to v2.21.4.18 and WhatsApp and WhatsApp Business for iOS prior to v2.21.32" are reported to show these issues.

ALSO READ | WhatsApp Vulnerability Can Allow Hackers To De-Activate Your Account By Just Using Your Phone Number

"Multiple vulnerabilities have been reported in WhatsApp applications which could allow a remote attacker to execute arbitrary code or access sensitive information on a targeted system," the advisory stated.

It further revealed that these vulnerabilities "exist in WhatsApp applications due to a cache configuration issue and missing bounds check within the audio decoding pipeline".

"Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code or access sensitive information on a targeted system," it cautioned.

The advisory has also advised that users of the application should update the latest version of WhatsApp from Google Play Store or iOS App Store to be able to counter the vulnerability threat.

For the uninitiated, CERT-In is the national technology arm to tackle concerns of cyberattacks. It is an office within the Ministry of Electronics and Information Technology, guarding Indian cyberspace.