Vulnerability overview
WeChat is an instant messenger application with a large user base in China. It also offers users the ability to pay for certain products through the app and includes several functionalities similar to other social media platforms like Facebook and X.
During Cisco Talos’ research of WeChat, we uncovered that it employs a custom WebView component instead of relying on the built-in Android WebView. This component is a custom version of XWalk, maintained by Tencent, which consists of an embedded Chromium browser with V8 version 8.6.365.13 released on Oct. 12, 2020, supporting the rendering of HTML and the execution of JavaScript.
The custom WebView component is dynamically downloaded onto the phone after the user logs into the app for the first time, allowing Tencent to deploy dynamic updates. When downloaded, XWalk webview is located at the path `/data/data/com.tencent.mm/app_xwalk_4433/apk/base.apk`. The library at /data/data/com.tencent.mm/app_xwalk_4433/extracted_xwalkcore/libxwebcore.so contains an embedded browser environment with an outdated version of V ..
Support the originator by clicking the read the rest link below.