PT-2024-18665 · Session · Session

Carlos Bello · Published 2024-02-29 · Updated 2025-05-19 · CVE-2024-2045

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Session version 1.17.5

Description

The application is vulnerable to Local File Read via chat attachments, allowing internal application files and public files from the user's device to be obtained without the user's consent.

Recommendations

For Session version 1.17.5, consider disabling the chat attachment feature until a patch is available to prevent exploitation of the Local File Read vulnerability. Restrict access to sensitive files and directories to minimize the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2024-2045

Affected Products

Session