Blockchain security platform CertiK uncovered a Telegram vulnerability on April 9 that allows hackers to deploy a remote code execution (RCE) attack through “specially crafted media files, such as images or videos.”
CertiK raised the alarm in an X post, describing the RCE attack as a “high-risk vulnerability in the wild.” An RCE vulnerability allows an attacker to execute arbitrary code on a remote device, which can lead to various levels of damage.
The security firm told the media that the RCE attack was exclusive to Telegram’s desktop version, not its mobile applications, as it was not designed to run executable programs.
#CertiKInsight ⚠️
We see a high-risk vulnerability in the wild,
Please check your telegram configurations to improve security!