CVE-2021-24043
📋 TL;DR
A missing bounds check in WhatsApp's RTCP (RTP Control Protocol) parsing code lets a remote call peer trigger an out-of-bounds read by sending a malformed RTCP packet during an established call: the parser trusts length and count fields in the packet and reads past the end of the allocated buffer. It affects WhatsApp and WhatsApp Business on Android and iOS, and WhatsApp Desktop. Successful exploitation could disclose contents of the application's memory to the attacker; a failed attempt is more likely to crash the call.
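To make the bug class concrete, the following is an added example, not WhatsApp's code (which is not public): a minimal parser for an RTCP receiver report (RFC 3550 header layout: version/report-count byte, payload type 201, 16-bit length in 32-bit words minus one, then the reporter SSRC and 24-byte report blocks). The unchecked form trusts the report count in the header and never consults the number of bytes actually received; the checked form validates both the length field and the report count before reading. The 256-byte arena standing in for a heap region, the 0xA5 fill and the sample packets are constructed for this example.

```c
/* Illustrative RTCP receiver-report parser, unchecked vs bounds-checked.
 * Added example: NOT WhatsApp's code; it models the bug class in the advisory
 * (a missing bounds check while parsing RTCP). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RTCP_RR            201   /* receiver report payload type, RFC 3550 */
#define RTCP_COMMON_HDR      4   /* V/P/RC, PT, length */
#define RTCP_SSRC_LEN        4   /* reporter SSRC that follows the header in an RR */
#define RTCP_REPORT_BLOCK   24   /* size of one report block */

struct rr_result { int blocks; uint32_t leak; };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Vulnerable form: trusts the 5-bit report count (RC) in the header and never
 * consults `len`. XORs the first word of each report block into *leak so the
 * caller can observe data that was read past the end of the packet. */
int rr_parse_unchecked(const uint8_t *buf, size_t len, uint32_t *leak)
{
    (void)len;                              /* the bug: received length is ignored */
    if (buf[1] != RTCP_RR) return -1;
    unsigned rc = buf[0] & 0x1f;
    const uint8_t *blk = buf + RTCP_COMMON_HDR + RTCP_SSRC_LEN;
    for (unsigned i = 0; i < rc; i++)
        *leak ^= be32(blk + i * RTCP_REPORT_BLOCK);   /* out-of-bounds when RC lies */
    return (int)rc;
}

/* Hardened form: every header field that drives a read is validated against
 * the number of bytes actually received before it is used. */
int rr_parse_checked(const uint8_t *buf, size_t len, uint32_t *leak)
{
    if (len < RTCP_COMMON_HDR) return -1;
    if ((buf[0] >> 6) != 2) return -1;          /* RTCP version must be 2 */
    if (buf[1] != RTCP_RR) return -1;
    unsigned rc = buf[0] & 0x1f;
    size_t pkt_len = ((size_t)be16(buf + 2) + 1) * 4; /* length is in 32-bit words minus one */
    if (pkt_len > len) return -1;               /* header claims more than we received */
    size_t need = RTCP_COMMON_HDR + RTCP_SSRC_LEN + (size_t)rc * RTCP_REPORT_BLOCK;
    if (need > pkt_len) return -1;              /* report count does not fit in the packet */
    const uint8_t *blk = buf + RTCP_COMMON_HDR + RTCP_SSRC_LEN;
    for (unsigned i = 0; i < rc; i++)
        *leak ^= be32(blk + i * RTCP_REPORT_BLOCK);
    return (int)rc;
}

/* Constructed sample: a 256-byte arena stands in for a heap region. The malformed
 * packet occupies the first 8 bytes (RC=5 but length=1, i.e. 8 bytes: header +
 * SSRC, no room for any report block); everything after it is "neighbouring"
 * heap data filled with 0xA5. The valid packet is a well-formed RR with one block. */
#define ARENA_LEN 256
static size_t build_arena(uint8_t *arena, int valid)
{
    memset(arena, 0xA5, ARENA_LEN);
    if (!valid) {
        const uint8_t rr[8] = { 0x85, RTCP_RR, 0x00, 0x01,   /* V=2, RC=5, PT=201, len=1 */
                                0xde, 0xad, 0xbe, 0xef };    /* reporter SSRC */
        memcpy(arena, rr, sizeof rr);
        return sizeof rr;
    }
    uint8_t rr[32] = { 0x81, RTCP_RR, 0x00, 0x07, 0xde, 0xad, 0xbe, 0xef, /* RC=1, len=7 -> 32 bytes */
                       0x11, 0x22, 0x33, 0x44 };             /* block's SSRC, rest zero */
    memcpy(arena, rr, sizeof rr);
    return sizeof rr;
}

struct rr_result sample_unchecked(void)
{
    uint8_t arena[ARENA_LEN]; struct rr_result r = { 0, 0 };
    size_t len = build_arena(arena, 0);
    r.blocks = rr_parse_unchecked(arena, len, &r.leak);   /* "parses" 5 blocks of 0xA5 filler */
    return r;
}

struct rr_result sample_checked(void)
{
    uint8_t arena[ARENA_LEN]; struct rr_result r = { 0, 0 };
    size_t len = build_arena(arena, 0);
    r.blocks = rr_parse_checked(arena, len, &r.leak);     /* rejected, nothing read */
    return r;
}

struct rr_result sample_valid(void)
{
    uint8_t arena[ARENA_LEN]; struct rr_result r = { 0, 0 };
    size_t len = build_arena(arena, 1);
    r.blocks = rr_parse_checked(arena, len, &r.leak);     /* accepted: one block */
    return r;
}

int main(void)
{
    struct rr_result u = sample_unchecked(), c = sample_checked(), v = sample_valid();
    printf("unchecked: %d blocks, leaked word 0x%08x (bytes past the packet)\n", u.blocks, u.leak);
    printf("checked:   %d (malformed packet rejected)\n", c.blocks);
    printf("checked:   %d block(s) on a well-formed RR, block SSRC 0x%08x\n", v.blocks, v.leak);
    return 0;
}
```

The unchecked parser returns five "report blocks" whose contents are the 0xA5 filler beyond the eight received bytes, which is exactly the shape of an information leak: whatever sits next to the packet in memory is treated as protocol data. In a real client the over-read hits adjacent heap allocations, which is why the worst case below is disclosure of unrelated application memory. The checked parser fails closed on the same input and still accepts the well-formed report.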
💻 Affected Systems
- WhatsApp for Android
- WhatsApp Business for Android
- WhatsApp for iOS
- WhatsApp Business for iOS
- WhatsApp Desktop
📦 What is this software?
WhatsApp, by WhatsApp LLC (a Meta subsidiary): an end-to-end encrypted messaging and voice/video calling application for Android, iOS and desktop. The call media path, which includes the RTCP parsing affected here, is shared across the consumer and Business apps on each platform.
⚠️ Risk & Real-World Impact
Worst Case
Information disclosure: memory adjacent to the RTCP buffer (call metadata, session keys, tokens or other application state) is returned to a remote call peer, who can use it to defeat mitigations such as ASLR or to stage a follow-on attack.
Likely Case
Application crash or call drop when the over-read touches unmapped memory, disrupting communication but disclosing nothing.
If Mitigated
No impact on patched versions. Network controls are of limited value: WhatsApp call traffic is encrypted end to end, so a perimeter device cannot tell a malformed RTCP packet from a legitimate one; the only effective network control is blocking call traffic altogether.
🎯 Exploit Status
The attacker must be a peer in an established call with the target (the call has to be set up before RTCP is exchanged), then send malformed RTCP packets. No public exploit code has been disclosed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: WhatsApp for Android v2.21.23.2+, WhatsApp Business for Android v2.21.23.2+, WhatsApp for iOS v2.21.230.6+, WhatsApp Business for iOS v2.21.230.7+, WhatsApp Desktop v2.2145.0+
Vendor Advisory: https://www.whatsapp.com/security/advisories/2021/
Restart Required: Yes
Instructions:
1. Open your device's app store (Google Play Store or Apple App Store).
2. Search for WhatsApp (or WhatsApp Business).
3. Update to the latest version.
4. For WhatsApp Desktop, open the application and check for updates in settings, or download the current build from whatsapp.com/download.
🔧 Temporary Workarounds
Disable WhatsApp calls
Applies to all platforms. Decline or disable voice/video calls: an established call is required to trigger the vulnerability, so a user who does not accept calls cannot be reached by it.
Network filtering
Applies to all platforms. Blocking WhatsApp call traffic at the network perimeter prevents calls and therefore the attack, but filtering only "malformed RTCP" is not feasible: the call stream is encrypted end to end, so RTCP contents are not visible to a perimeter device.
🧯 If You Can't Patch
- Restrict WhatsApp usage to trusted networks and known contacts only; calls from unknown numbers should not be answered
- Monitor for unusual call behavior or repeated WhatsApp crashes during calls, which are the visible symptom of a failed over-read
🔍 How to Verify
Check if Vulnerable:
Check the WhatsApp version in the app: Settings > Help > App info (Android and iOS), or the About dialog in WhatsApp Desktop. Any version below the patched version for that platform, as listed under Official Fix, is vulnerable.
Check Version:
No command-line check on the device itself; use the in-app settings above. For managed Android devices the installed version can be read over adb with `adb shell dumpsys package com.whatsapp | grep versionName` (package com.whatsapp.w4b for WhatsApp Business); MDM inventory exposes the same versionName.
Verify Fix Applied:
Confirm the version is equal to or higher than the patched version for the platform: WhatsApp and WhatsApp Business for Android v2.21.23.2+, WhatsApp for iOS v2.21.230.6+, WhatsApp Business for iOS v2.21.230.7+, WhatsApp Desktop v2.2145.0+. Compare versions component by component, not as strings: a plain string comparison sorts 2.21.9.x after 2.21.23.2.
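For checking version inventories at scale, the following is an added example (not WhatsApp or Meta tooling) that compares dotted version strings component by component against the patched versions listed under Official Fix. The platform keys ("android", "ios-business", and so on) and the helper names are this example's own; the sample versions in `main` are constructed.

```c
/* Added example: dotted-version comparison against this advisory's patched
 * versions. Not WhatsApp tooling; the platform keys are this example's own. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse one numeric component from *s and advance past it and its trailing dot.
 * An exhausted string yields 0 so "2.22" compares as "2.22.0.0". Returns 0 on
 * a non-numeric component (malformed version string). */
static int next_component(const char **s, long *out)
{
    if (**s == '\0') { *out = 0; return 1; }
    char *end;
    *out = strtol(*s, &end, 10);
    if (end == *s) return 0;                 /* not a number */
    if (*end == '.') end++;
    else if (*end != '\0') return 0;         /* junk after the component */
    *s = end;
    return 1;
}

/* <0, 0, >0 like strcmp; -2 if either string is not a dotted numeric version.
 * A plain strcmp gets this wrong: "2.21.9.1" sorts after "2.21.23.2" lexically. */
int version_cmp(const char *a, const char *b)
{
    while (*a || *b) {
        long x, y;
        if (!next_component(&a, &x) || !next_component(&b, &y)) return -2;
        if (x != y) return x < y ? -1 : 1;
    }
    return 0;
}

/* Patched versions from this advisory's Official Fix section. */
static const struct { const char *platform; const char *fixed; } fixed_versions[] = {
    { "android",          "2.21.23.2"  },
    { "android-business", "2.21.23.2"  },
    { "ios",              "2.21.230.6" },
    { "ios-business",     "2.21.230.7" },
    { "desktop",          "2.2145.0"   },
};

/* 1 = at or above the patched version, 0 = vulnerable,
 * -1 = unknown platform key or unparseable version string. */
int is_patched(const char *platform, const char *version)
{
    if (*version == 'v' || *version == 'V') version++;   /* accept "v2.21.23.2" */
    for (size_t i = 0; i < sizeof fixed_versions / sizeof fixed_versions[0]; i++) {
        if (strcmp(fixed_versions[i].platform, platform) != 0) continue;
        int c = version_cmp(version, fixed_versions[i].fixed);
        if (c == -2) return -1;
        return c >= 0;
    }
    return -1;
}

int main(void)
{
    /* Constructed inventory lines: platform key and reported versionName. */
    const char *inventory[][2] = {
        { "android", "2.21.23.1" }, { "android", "v2.21.23.2" }, { "ios", "2.21.230.6" },
        { "ios-business", "2.21.230.6" }, { "desktop", "2.2145.0" }, { "android", "2.21.x" },
    };
    for (size_t i = 0; i < sizeof inventory / sizeof inventory[0]; i++) {
        int r = is_patched(inventory[i][0], inventory[i][1]);
        printf("%-16s %-12s %s\n", inventory[i][0], inventory[i][1],
               r == 1 ? "patched" : r == 0 ? "VULNERABLE" : "unknown");
    }
    return 0;
}
```

Note that the iOS consumer and Business thresholds differ by one patch level (2.21.230.6 vs 2.21.230.7), so the platform must be carried alongside the version; a Business install reporting 2.21.230.6 is still vulnerable. Unparseable versions are reported as unknown rather than patched so that a bad inventory record cannot hide a vulnerable device.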
📡 Detection & Monitoring
Log Indicators:
- WhatsApp crashes during or immediately after calls (a failed over-read that reaches unmapped memory terminates the process)
- Native crash records for the WhatsApp process in the platform crash store (Android tombstones / logcat, iOS crash reports) that coincide with call activity
Network Indicators:
- Malformed RTCP packets are not observable from the network: WhatsApp call traffic is encrypted end to end, so the RTCP header fields the parser trusts are not visible to a sensor
- Unusual call patterns remain visible at the flow level: repeated short calls from the same peer, each followed by an application crash, are the best available network-side signal
SIEM Query:
No vendor-supplied query exists. Correlate endpoint crash telemetry for the WhatsApp process with call activity (repeated crashes during calls from the same contact), and use mobile device management inventory to report installs below the patched versions.