CVE-2025-55177 is a medium severity vulnerability identified in WhatsApp for iOS versions prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78. This vulnerability allows incomplete authorization of linked device synchronization messages, which can enable an unrelated user to trigger the processing of content from an arbitrary URL on a target’s device. The risk to organizations includes potential unauthorized access to sensitive information, leading to significant security breaches.
The CVSS score for this vulnerability is 5.4, indicating a medium severity level that necessitates prompt attention. Although this vulnerability may not be classified as critical, its exploitation could lead to serious consequences, particularly in combination with other vulnerabilities such as CVE-2025-43300, which affects Apple platforms.
Organizations using the affected WhatsApp products are urged to assess their exposure to this vulnerability. The urgency for defenders should be classified as critical due to its potential for exploitation and the implications it has for the confidentiality and integrity of user data.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
.webp)