Signal · Signal Private Messenger · CVE-2019-17191
**Name of the Vulnerable Software and Affected Versions**
Signal Private Messenger versions prior to 4.47.7
**Description**
The issue allows a caller to force a call to be answered without the callee's interaction, via a connect message. Although the callee is aware of the call, the audio channel may be open before they can take action to prevent eavesdropping.
**Recommendations**
For versions prior to 4.47.7, update to version 4.47.7 or later to resolve the issue.