PT-2023-3022 · Telegram · Telegram

Dan Revah

·

Published

2023-02-03

·

Updated

2025-01-21

·

CVE-2023-26818

CVSS v3.1

5.5

Medium

Vector
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Telegram versions 9.3.1 through 9.4.0
Description
The issue is insufficient access control in Telegram for macOS: a malicious dynamic library can be loaded into the Telegram process through the DYLD_INSERT_LIBRARIES environment variable (an environment variable read by dyld, not a Telegram flag), and the injected code then runs with Telegram's own permissions, giving the attacker access to files Telegram can read and to the microphone and camera. The weakness is not only in Telegram but in the platform's security model: macOS grants privacy (TCC) permissions to applications rather than to users, so any process that can inject code into an application inherits that application's grants. Exploitation requires malware already running on the device under the victim's account; consistent with the CVSS vector (AV:L, PR:L), root is not needed, and this is a post-compromise escalation rather than a remote attack. There is no information on the number of potentially affected devices or on real-world incidents in which this issue was exploited.
Recommendations
No fixed version is recorded in this entry; update Telegram as soon as a release addressing CVE-2023-26818 is available. Until then, revoke Telegram's Camera and Microphone access in System Settings > Privacy & Security unless those features are needed, since an injected library can only use the permissions the application itself holds. Treat the issue as post-compromise: the injection needs code already running on the machine, so endpoint hardening and detection of processes that launch Telegram with DYLD_INSERT_LIBRARIES set matter more than any Telegram-specific setting. The protection against this class of issue on the vendor side is to ship the application with the Hardened Runtime enabled and without the com.apple.security.cs.allow-dyld-environment-variables and com.apple.security.cs.disable-library-validation entitlements, so that dyld ignores DYLD_INSERT_LIBRARIES and refuses libraries not signed by the same team.
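As an added check written for this entry (not Telegram's tooling and not part of the original advisory), the script below reads `codesign` output for a macOS app bundle and reports whether its signing configuration still lets dyld honour DYLD_INSERT_LIBRARIES, the injection vector behind CVE-2023-26818. It applies to any macOS app, not just Telegram. Example.app, com.example.app and the sample codesign and entitlement text are constructed to mimic real output; the verdict rule (Hardened Runtime absent, or both the allow-dyld-environment-variables and disable-library-validation entitlements present, means an attacker's library can be injected) follows Apple's documented Hardened Runtime behaviour.

```shell
#!/bin/sh
# Added example, not from the advisory or from Telegram. Checks whether a
# macOS app's code-signing configuration lets an attacker load a library via
# DYLD_INSERT_LIBRARIES. Rule (Apple Hardened Runtime behaviour):
#   injection possible <=> no Hardened Runtime flag
#                          OR (allow-dyld-environment-variables entitlement
#                              AND disable-library-validation entitlement)
# Sample inputs below mimic `codesign` output but are constructed, not captured.

# $1 = output of `codesign -dvvv <App.app>`; succeeds if the CodeDirectory
# carries the "runtime" (Hardened Runtime) flag, e.g. flags=0x10000(runtime).
has_hardened_runtime() {
  printf '%s\n' "$1" | grep -Eq 'flags=0x[0-9a-fA-F]+\([^)]*runtime'
}

# $1 = entitlements plist XML (from `codesign -d --entitlements :- <App.app>`),
# $2 = entitlement key; succeeds only if the key is present and set to <true/>.
entitlement_true() {
  printf '%s' "$1" | tr -d '\n\t ' | grep -qF "<key>$2</key><true/>"
}

# Prints a verdict; returns 0 if injection is blocked, 1 if it is allowed.
dyld_injection_blocked() {
  flags=$1
  ents=$2
  if ! has_hardened_runtime "$flags"; then
    echo "allowed: no Hardened Runtime, dyld honours DYLD_INSERT_LIBRARIES"
    return 1
  fi
  if entitlement_true "$ents" com.apple.security.cs.allow-dyld-environment-variables &&
     entitlement_true "$ents" com.apple.security.cs.disable-library-validation; then
    echo "allowed: entitlements re-enable DYLD env vars and disable library validation"
    return 1
  fi
  echo "blocked: Hardened Runtime without injection-permitting entitlements"
  return 0
}

# Runs the check against a real bundle; only meaningful on macOS.
audit_app() {
  flags=$(codesign -dvvv "$1" 2>&1)
  ents=$(codesign -d --entitlements :- "$1" 2>/dev/null)
  dyld_injection_blocked "$flags" "$ents"
}

# Constructed sample data (format mimics codesign; values are hypothetical).
SAMPLE_FLAGS_UNHARDENED='Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
CodeDirectory v=20400 size=1234 flags=0x0(none) hashes=30+7 location=embedded'

SAMPLE_FLAGS_HARDENED='Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
CodeDirectory v=20500 size=1234 flags=0x12000(library-validation,runtime) hashes=30+7 location=embedded'

SAMPLE_ENTS_STRICT='<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>com.apple.security.device.camera</key>
    <true/>
    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
    <false/>
</dict>
</plist>'

SAMPLE_ENTS_PERMISSIVE='<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
    <true/>
    <key>com.apple.security.cs.disable-library-validation</key>
    <true/>
</dict>
</plist>'

if [ -n "${1:-}" ] && [ "$(uname)" = Darwin ]; then
  audit_app "$1"
else
  # Demo on the constructed samples; "|| :" keeps a non-zero verdict from
  # aborting the script when run under set -e.
  dyld_injection_blocked "$SAMPLE_FLAGS_UNHARDENED" "$SAMPLE_ENTS_STRICT" || :
  dyld_injection_blocked "$SAMPLE_FLAGS_HARDENED" "$SAMPLE_ENTS_PERMISSIVE" || :
  dyld_injection_blocked "$SAMPLE_FLAGS_HARDENED" "$SAMPLE_ENTS_STRICT"
fi
```

On a Mac, pass the bundle path as the first argument (for example the installed Telegram.app) to run the check against the real signature. A "blocked" verdict covers only the DYLD_INSERT_LIBRARIES vector; it says nothing about other ways of abusing an application's TCC grants.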

Exploit

Incorrect Authorization


Weakness Enumeration

Related identifiers

BDU:2023-03086
CVE-2023-26818

Affected products

Telegram