CVE-2020-1889
First published: Thu Sep 03 2020(Updated: )
A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution vulnerability inside the sandboxed renderer process.
Credit: cve-assign@fb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Whatsapp Whatsapp Desktop | <0.3.4932 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2020-1889.
What is the severity of CVE-2020-1889?
CVE-2020-1889 has a severity level of critical.
What is affected by CVE-2020-1889?
WhatsApp Desktop versions prior to v0.3.4932 are affected by CVE-2020-1889.
What is the potential impact of CVE-2020-1889?
CVE-2020-1889 could lead to a sandbox escape in Electron and escalation of privilege if combined with a remote code execution vulnerability in the sandboxed renderer process.
How can I fix CVE-2020-1889?
To fix CVE-2020-1889, update WhatsApp Desktop to version v0.3.4932 or later.
- collector/nvd-index
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/whatsapp
- canonical/whatsapp whatsapp desktop