WhatsApp for Windows <2.2450.6: MIME vs. Extension Spoofing
CVE-2025-30401 Published on April 5, 2025
A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachments filename extension. A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp. We have not seen evidence of exploitation in the wild.
Vulnerability Analysis
CVE-2025-30401 can be exploited with network access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and a small impact on availability.
Products Associated with CVE-2025-30401
Want to know whenever a new CVE is published for WhatsApp? stack.watch will email you.
Affected Versions
Facebook WhatsApp Desktop for Windows:- Version 0.0.0 and below 2.2450.6 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.