Lucene search
HistoryMay 19, 2023 - 12:15 p.m.
CVE-2023-26818
cve-2023-26818
telegram
security vulnerability
access control
dyld_insert_libraries
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.
Affected configurations
Node
telegramtelegramMatch9.3.1macos
ORtelegramtelegramMatch9.4macos
| CPE | Name | Operator | Version |
|---|---|---|---|
| telegram:telegram | telegram | eq | 9.3.1 |
| telegram:telegram | telegram | eq | 9.4 |
Related
cvelist
cvelist
CVE-2023-26818
2023-05-19 00:00:00
githubexploit
githubexploit
Exploit for Incorrect Authorization in Telegram
2023-08-30 12:40:50
nvd
nvd
CVE-2023-26818
2023-05-19 12:15:09
prion
prion
Design/Logic Flaw
2023-05-19 12:15:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2023-26818