PT-2021-17322 · Telegram · Telegram

Dhiraj

Published

2021-02-12

Updated

2021-09-08

CVE-2021-27205

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Telegram versions prior to 7.4 (212543) Stable on macOS

Description: The issue concerns the storage of self-destructed messages in a sandbox path on macOS, leading to sensitive information disclosure.

Recommendations: For versions prior to 7.4 (212543) Stable on macOS, update to version 7.4 (212543) Stable or later to resolve the issue.

Exploit

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2021-27205