← volver
CVE-2025-55179

CVE-2025-55179

CVSS 5.4 MEDIUMEPSS 0.1%
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.4EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
18 nov 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We have not seen evidence of exploitation in the wild.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C
Productos afectados
Facebook · WhatsApp Business for iOSFacebook · WhatsApp Desktop for MacFacebook · WhatsApp for iOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.facebook.com/security/advisories/cve-2025-55179https://www.whatsapp.com/security/advisories/2025/