CVE-2025-55177

MEDIUM KEV

WhatsApp for iOS < 2.25.21.73 and WhatsApp Business for iOS < 2.25.21.78 - Incomplete Authorization

Title source: llm

Exploitation Summary

CVE-2025-55177 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added September 2, 2025. EIP tracks 1 public exploit from researchers including danielw98.

AI-analyzed exploit summary: This repository provides a detailed technical analysis of the 2025 WhatsApp/ImageIO zero-click exploit chain (CVE-2025-55177 + CVE-2025-43300), including a research paper, interactive web companion, and hands-on labs for heap/stack exploitation. It includes patch diffs, root cause analysis, and educational resources.

Description

Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device. We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users.

Exploits (1)

github WRITEUP
by danielw98
https://github.com/danielw98/zero-click-exploit-analysis


Classification
Writeup 100%
Attack Type
RCE
Complexity
Complex
Reliability
Theoretical
Target: WhatsApp for iOS, ImageIO
No auth needed
Prerequisites: knowledge of memory corruption techniques · understanding of iOS security mechanisms
Analyzed Apr 25, 2026 (model: devstral-2)

References (3)

Core 3

Scores

CVSS v3 5.4
EPSS 0.0076
EPSS Percentile 73.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation active
Automatable no
Technical Impact total

Details

CISA KEV 2025-09-02
VulnCheck KEV 2025-08-20
ENISA EUVD EUVD-2025-26214
CWE
CWE-863
Status published
Products (3)
whatsapp/whatsapp 2.22.25.2 - 2.25.21.73
whatsapp/whatsapp 2.22.25.2 - 2.25.21.78
whatsapp/whatsapp_business 2.22.25.2 - 2.25.21.78
Published Aug 29, 2025
KEV Added Sep 02, 2025
Tracked Since Feb 18, 2026