Uncovered 0-Day Weakness in WhatsApp Leads to Unauthorized Access for Mac and iOS Users
WhatsApp, one of the world's most popular communication platforms, has confirmed a sophisticated attack campaign that leveraged a zero-day vulnerability (CVE-2025-55177) on Apple devices. This incident is the latest example of mercenary spyware campaigns targeting high-profile individuals, including journalists and civil society members.
The vulnerability (CVE-2025-55177) allowed an attacker to trigger the processing of content from an arbitrary URL on a target's device. This could potentially lead to memory corruption when processing a malicious image file. The attack was carried out through popular communication platforms like WhatsApp.
WhatsApp's internal security team discovered the vulnerability, and they have since deployed a patch to prevent the attack from occurring through its platform. Affected users are urged to take immediate action to secure their devices, as the malicious message may have compromised users' devices and data, including messages.
Targeted users received notifications about a potential compromise of their device and data. WhatsApp recommends that targeted individuals perform a full device factory reset due to the sophisticated nature of the spyware. Additionally, WhatsApp urges all users to ensure their WhatsApp application is up to date.
The attack used this WhatsApp vulnerability in conjunction with a zero-day flaw in Apple's iOS, iPadOS, and macOS (CVE-2025-43300). Apple confirmed that CVE-2025-43300 "may have been exploited in an extremely sophisticated attack against specific targeted individuals". The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-43300 to its Known Exploited Vulnerabilities catalog.
Meta, WhatsApp's parent company, investigated the vulnerabilities behind the zero-click exploit and issued patches to protect affected iOS and macOS users. The vulnerability in WhatsApp existed in the way it handled linked device synchronization messages.
WhatsApp urges all users to keep their devices updated to the latest version of their operating system. By doing so, users can protect themselves from such attacks in the future. It is crucial for all users to prioritise security and stay vigilant against potential threats.