Allele Security Alert
ASA-2020-00045
Identifier(s)
ASA-2020-00045, CVE-2020-1889
Title
A security feature bypass issue could have allowed for sandbox escape
Vendor(s)
Product(s)
WhatsApp Desktop
Affected version(s)
WhatsApp Desktop versions before v0.3.4932
Fixed version(s)
WhatsApp Desktop version v0.3.4932
Proof of concept
Unknown
Description
A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution vulnerability inside the sandboxed renderer process.
Technical details
Unknown
Credits
Unknown
Reference(s)
WhatsApp Security Advisories
https://www.whatsapp.com/security/advisories/2020
CVE-2020-1889
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1889
CVE-2020-1889
https://nvd.nist.gov/vuln/detail/CVE-2020-1889
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: September 9, 2020