← voltar
CVE-2025-55179

CVE-2025-55179

CVSS 5.4 MEDIUMEPSS 0.1%
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.4EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
18 nov 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We have not seen evidence of exploitation in the wild.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C
Produtos afetados
Facebook · WhatsApp Business for iOSFacebook · WhatsApp Desktop for MacFacebook · WhatsApp for iOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.facebook.com/security/advisories/cve-2025-55179https://www.whatsapp.com/security/advisories/2025/