CVE-2023-38537 MEDIUM

CVE-2023-38537

Vendor Facebook
Product WhatsApp Desktop for Mac
Published October 4, 2023
Last update September 19, 2024

CVSS base score

5.6/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

What the vulnerability does

01Description

A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability.

Key dates

02Disclosure timeline

October 4, 2023 CVE published
September 19, 2024 Record updated