CVE-2025-30259 Information
Mar 21, 2025
cve
Description
The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties as exploited in the wild in 2024 for installation of Android malware associated with BIGPRETZEL.
Reference
https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/ https://www.bleepingcomputer.com/news/security/whatsapp-patched-zero-day-flaw-used-in-paragon-spyware-attacks/
Related CNNVD
CNNVD-202509-2238 (Published: 2025-09-15)
Share on: