How does CVE-2020-1909 affect me?

If you are using WhatsApp for iOS prior to v2.20.111 or WhatsApp Business for iOS prior to v2.20.111, you may be affected by the use-after-free vulnerability, which could lead to memory corruption, crashes, and potentially code execution.

How severe is CVE-2020-1909?

CVE-2020-1909 has a severity rating of 9.8 (Critical).

How can I fix CVE-2020-1909?

To fix CVE-2020-1909, update WhatsApp for iOS to v2.20.111 or later, or update WhatsApp Business for iOS to v2.20.111 or later.

Where can I find more information about CVE-2020-1909?

You can find more information about CVE-2020-1909 on the official WhatsApp security advisories page: https://www.whatsapp.com/security/advisories/2020/

Vulnerability/
CVE-2020-1909

critical

9.8

CWE

416

3/11/2020

4/8/2024

CVE-2020-1909: Use After Free

Q: What is CVE-2020-1909?

CVE-2020-1909 is a use-after-free vulnerability in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111, which could result in memory corruption, crashes, and potentially code execution.

First published: Tue Nov 03 2020(Updated: )

A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code execution. This could have happened only if several events occurred together in sequence, including receiving an animated sticker while placing a WhatsApp video call on hold.

Credit: cve-assign@fb.com

Affected Software	Affected Version	How to fix
Whatsapp Whatsapp	<2.20.111
Whatsapp Whatsapp Business	<2.20.111

Never miss a vulnerability like this again

Reference Links

https://www.whatsapp.com/security/advisories/2020/

Frequently Asked Questions

What is CVE-2020-1909?
CVE-2020-1909 is a use-after-free vulnerability in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111, which could result in memory corruption, crashes, and potentially code execution.
How does CVE-2020-1909 affect me?
If you are using WhatsApp for iOS prior to v2.20.111 or WhatsApp Business for iOS prior to v2.20.111, you may be affected by the use-after-free vulnerability, which could lead to memory corruption, crashes, and potentially code execution.
How severe is CVE-2020-1909?
CVE-2020-1909 has a severity rating of 9.8 (Critical).
How can I fix CVE-2020-1909?
To fix CVE-2020-1909, update WhatsApp for iOS to v2.20.111 or later, or update WhatsApp Business for iOS to v2.20.111 or later.
Where can I find more information about CVE-2020-1909?
You can find more information about CVE-2020-1909 on the official WhatsApp security advisories page: https://www.whatsapp.com/security/advisories/2020/

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/severity
agent/references
agent/last-modified-date
agent/description
agent/event
agent/first-publish-date
agent/tags
vendor/whatsapp
canonical/whatsapp whatsapp
canonical/whatsapp whatsapp business

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.