WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices
Aug 30, 2025
Zero-Day / Vulnerability
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it said may have been exploited in the wild in conjunction with a recently disclosed Apple flaw in targeted zero-day attacks. The vulnerability, CVE-2025-55177 (CVSS score: 8.0), relates to a case of insufficient authorization of linked device synchronization messages. Internal researchers on the WhatsApp Security Team have been credited with discovering and rerating the bug. The Meta-owned company said the issue "could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target's device." The flaw affects the following versions - WhatsApp for iOS prior to version 2.25.21.73 WhatsApp Business for iOS version 2.25.21.78, and WhatsApp for Mac version 2.25.21.78 It also assessed that the shortcoming may have been chained with CVE-2025-43300, a vulnerability affecting iOS, iPadOS, and macOS, as part of a sophisticated attack ...
