
Lukas Stefanko

Researcher from ESET
#30715 of 53,633
8.5 Total CVSS
Vulnerabilities · 1
PT-2024-5251
8.5
2024-06-26
Telegram · Telegram For Android · CVE-2024-7014
**Name of the Vulnerable Software and Affected Versions**

Telegram for Android versions 10.14.4 and older

Telegram for Android version 11.7.4

**Description**

The issue is related to the incorrect handling of file extensions in received files, allowing an attacker to send malicious apps disguised as videos. This can lead to the execution of arbitrary code on the user's device. The vulnerability is exploited by creating a specially crafted HTML file that is misinterpreted by Telegram as a valid video file. When a user attempts to play one of these crafted "videos", Telegram offers to open the file in an external application, potentially leading to the installation of malicious software. The estimated number of potentially affected devices is not specified.

**Recommendations**

For versions 10.14.4 and older, consider disabling the video playback feature in Telegram until a patch is available.

For version 11.7.4, restrict access to the video handling module to minimize the risk of exploitation.

As a temporary workaround, avoid using the Telegram application for Android until a fixed version is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.