Security Advisory

CVE-2025-30259

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-19 00:00:00

Last updated 2025-03-20 20:36:29

Assigner mitre

State PUBLISHED

Description

The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated with BIGPRETZEL.

← Browse all CVEs View on cve.org ↗