COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2025-55177

CVE-2025-55177

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-09-02
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-55177
⌖ exploited in the wild shame 50/100 exploited-in-wild

Meta Platforms WhatsApp contains an incorrect authorization vulnerability due to an incomplete authorization of linked device synchronization messages. This vulnerability could allow an unrelated user to trigger processing of content from an arbitrary URL on a target’s device.

Players implicated

Meta Platforms · vendorWhatsApp · product

Description

Meta Platforms WhatsApp contains an incorrect authorization vulnerability due to an incomplete authorization of linked device synchronization messages. This vulnerability could allow an unrelated user to trigger processing of content from an arbitrary URL on a target’s device.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.