Cleartext Credentials Transmission in Telegram Desktop by Telegram
CVE-2018-17613
9.8CRITICAL
What is CVE-2018-17613?
The Telegram Desktop application, specifically version 1.3.16 alpha, exhibits a vulnerability where enabling the 'Use proxy' feature results in sensitive credentials and application data being transmitted unencrypted over the SOCKS5 protocol. This flaw poses a significant risk of interception by malicious actors, potentially leading to unauthorized access to user accounts and exposed personal information. Users of this version are advised to disable the proxy feature or upgrade to a patched version to mitigate these risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved