Vulnerability:
A spoofing issue in Whatapp for window prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachments file name extension.A malicious crafted mismatch could have caused the recipient to inadvertently excute arbitrary code rather than view the attachment when mannually opening the attachment inside whatapp. we have not seen evidence of exploitation in the wild.
| CVE | CVE-2025-30401 |
| CVVS | 6.7 Medium |
| Publised date | 5 April 2025 |
| Impacted Devices | Windows version 2.2450.6 |
| Exploitation | No |
Solutions
Update Windows WhatsApp verions to the latest one
Leave a Reply