Meta has released security updates to address a vulnerability (CVE-2025-55177) in WhatsApp that could allow an attacker to process arbitrary content on a target device via unauthorized synchronization messages.
Severity level:-
CVSS Score: 5.4/Medium.
Description:- WhatsApp is a widely used messaging platform across iOS and macOS. CVE-2025-55177 is a vulnerability caused by聽incomplete authorization of linked device synchronization messages. This flaw allows an unrelated user to trigger processing of content from an arbitrary URL on a target鈥檚 device.
Affected Versions聽:-聽 聽
- WhatsApp for iOS: versions聽before 2.25.21.73.
- WhatsApp Business for iOS: versions聽before 2.25.21.78.
- WhatsApp for macOS: versions聽before 2.25.21.78.
Impact:-
Successful exploitation may allow Unauthorized content processing from arbitrary URLs.
Resolution:- Please update to the following patched versions:
- WhatsApp for iOS: versions聽2.25.21.73 or later.
- WhatsApp Business for iOS: versions聽2.25.21.78 or later.
- WhatsApp for macOS: versions聽2.25.21.78 or later.
Reference:-