What the vulnerability does
01Description
EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android application affecting versions 10.14.4 and older.
CVE-2024-7014
HIGH
CVE-2024-7014: Improper multimedia file attachment validation in Telegram for Android app
CVSS base score
7.1/10
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H
Key dates
02Disclosure timeline
July 23, 2024
CVE published
August 1, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2020-3172 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability
CVE-2020-3238 Cisco IOx Application Framework Arbitrary File Creation Vulnerability
CVE-2022-45469
CVE-2021-44409
CVE-2026-21268 Dreamweaver Desktop | Improper Input Validation (CWE-20)
