CVE-2022-36934: CWE-122 in Meta WhatsApp for iOS
An integer overflow in WhatsApp could result in remote code execution in an established video call.
AI Analysis
Technical Summary
CVE-2022-36934 is a critical integer overflow vulnerability in Meta's WhatsApp application for iOS, classified as CWE-122 (heap-based buffer overflow). The flaw allows an attacker to execute code remotely during an established video call session. It arises from improper handling of integer values within the video call processing logic, which can lead to memory corruption. Exploitation requires no user interaction, privileges, or authentication, and can be triggered remotely over the network. The CVSS v3.1 score of 9.8 reflects the high severity: a network-based attack vector, no required privileges or user interaction, and impact on confidentiality, integrity, and availability. Although no known exploits have been reported in the wild, the potential for remote code execution makes this a significant threat. The affected versions are unspecified, but since the flaw is in WhatsApp for iOS, all users running vulnerable versions of the app on Apple devices are at risk. The vulnerability could allow attackers to take full control of the device during a video call, potentially leading to data theft, surveillance, or further compromise of the device and connected networks.
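The bug class described above (an integer overflow in a size calculation that leads to a heap-based buffer overflow) is shown below as an added illustration. It is not WhatsApp code. The page gives no details of the affected routine, so the frame header, function names, and size limit are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical frame header parsed from an untrusted peer (constructed). */
struct frame_hdr { uint32_t width, height, bytes_per_pixel; };

#define MAX_FRAME_BYTES (64u * 1024u * 1024u) /* assumed policy limit */

/* Flawed pattern: the product is computed in 32 bits and wraps silently,
 * so a buffer sized from it is far smaller than the data written into it. */
uint32_t frame_size_unchecked(const struct frame_hdr *h) {
    return h->width * h->height * h->bytes_per_pixel;
}

/* Hardened pattern: reject zero fields, widen before multiplying, and
 * bound the result before anything is allocated. */
bool frame_size_checked(const struct frame_hdr *h, size_t *out) {
    uint64_t px;
    if (h->width == 0 || h->height == 0 || h->bytes_per_pixel == 0)
        return false;
    px = (uint64_t)h->width * h->height;   /* two 32-bit values fit in 64 */
    if (px > MAX_FRAME_BYTES / h->bytes_per_pixel)
        return false;                      /* product would exceed the limit */
    *out = (size_t)(px * h->bytes_per_pixel);
    return true;
}

/* Copies a payload only when the declared geometry validates and matches
 * the number of bytes actually received; returns NULL otherwise. */
uint8_t *frame_copy(const struct frame_hdr *h, const uint8_t *payload,
                    size_t payload_len) {
    size_t need;
    uint8_t *buf;
    if (!frame_size_checked(h, &need) || payload_len != need)
        return NULL;
    buf = malloc(need);
    if (buf) memcpy(buf, payload, need);
    return buf;
}

int main(void) {
    struct frame_hdr bad = { 0x10001u, 0x10000u, 1u }; /* constructed input */
    size_t need = 0;
    printf("unchecked size: %u\n", (unsigned)frame_size_unchecked(&bad));
    printf("checked accepts: %d\n", frame_size_checked(&bad, &need));
    return 0;
}
```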
Potential Impact
For European organizations, this vulnerability poses a serious risk, especially for those relying on WhatsApp for iOS for communication, including sensitive or confidential discussions. Given WhatsApp's widespread use across Europe for both personal and professional communication, exploitation could lead to unauthorized access to corporate data, espionage, or disruption of business operations. The ability to execute code remotely during a video call means attackers could bypass traditional perimeter defenses and gain persistent access to devices. This is particularly concerning for sectors such as finance, government, healthcare, and critical infrastructure, where data confidentiality and integrity are paramount. Additionally, compromised devices could serve as entry points for lateral movement within organizational networks, amplifying the threat. The lack of required user interaction or authentication lowers the bar for exploitation, increasing the likelihood of successful attacks if the vulnerability is weaponized.
Mitigation Recommendations
Organizations should immediately ensure that all iOS devices have the latest version of WhatsApp installed, as Meta is expected to release patches addressing this vulnerability. Until patches are available, organizations should consider restricting or monitoring WhatsApp video call usage on corporate devices, especially in sensitive environments. Employing mobile device management (MDM) solutions to enforce app update policies and restrict app permissions can reduce exposure. Network-level controls such as firewall rules to limit WhatsApp traffic or intrusion detection systems tuned to detect anomalous video call activity may help detect or prevent exploitation attempts. User awareness campaigns should inform employees about the risks of using unpatched versions and encourage prompt updates. Additionally, organizations should monitor for unusual device behavior indicative of compromise during or after video calls. Incident response plans should be updated to include this threat vector, ensuring rapid containment and remediation if exploitation is suspected.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden, Poland, Ireland
Technical Details
- Data Version: 5.1
- Assigner Short Name
- Date Reserved: 2022-07-27T00:00:00.000Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 6835e4b9182aa0cae2196362
Added to database: 5/27/2025, 4:13:45 PM
Last enriched: 7/6/2025, 3:13:02 AM
Last updated: 2/7/2026, 2:45:14 AM