Reordering Issue in Telegram for Android, iOS, and Desktop
CVE-2021-36769

5.3MEDIUM

Key Information:

Vendor: Telegram
Status: Telegram; Telegram Desktop
Vendor: CVE Published:; 17 July 2021

What is CVE-2021-36769?

Telegram versions prior to 7.8.1 for Android, 7.8.3 for iOS, and 2.8.8 for Desktop exhibit a reordering issue. This vulnerability allows attackers to manipulate the sequence in which messages are sent and received, potentially impairing message integrity and leading to confusion during conversations. Users on these affected versions may experience significant risks to their private communications as the server can receive messages in a different order than intended by the sender.

References

https://mtpsym.github.io

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2021
Vulnerability Reserved
Jul 16, 2021