CVE-2019-15514

Name of the Vulnerable Software and Affected Versions Telegram app version 5.10 for Android and iOS

Description The issue concerns the Privacy > Phone Number feature, which incorrectly indicates that the access level is set to Nobody. However, attackers can still find these numbers via the Group Info feature by adding a significant fraction of a region's assigned phone numbers. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Telegram app version 5.10, consider restricting access to the Group Info feature to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.