CERT-In, the Indian cyber agency has announced a warning to WhatsApp users for multiple bugs. These bugs could be exploited by a remote attacker to execute arbitrary code on the targeted system.
In an advisory, CERT-In, under the IT Ministry, described two remote code execution vulnerabilities in Meta-owned WhatsApp in both Android and iOS versions.
The first vulnerability exists in WhatsApp due to integer overflow.
"A remote attacker could exploit this vulnerability to execute remote code in an established video call," warned the cyber agency.
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system, said CERT-In.
Hackers can also exploit the second vulnerability in WhatsApp by sending a specially-crafted video file that can put users' information at risk.
CERT-In advised WhatsApp users to install the latest security updates.
WhatsApp has nearly 500 million users in the country, according to third-party reports.