AI description
CVE-2024-7014, dubbed the "EvilVideo" vulnerability, allows malicious applications disguised as video files to be sent within the Telegram app for Android. This vulnerability affects Telegram for Android versions 10.14.4 and older. Users are advised to update their Telegram app to the latest available version to mitigate the risk posed by this vulnerability.
- Description
- EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android application affecting versions 10.14.4 and older.
- Source
- security@eset.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- security@eset.com
- CWE-20
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2024-7014
@transilienceai
30 Mar 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-7014
@transilienceai
29 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#exploit 1. CVE-2024-7014: Telegram EvilVideo Vulnerability https://t.co/9Qajyeyn9z 2. CVE-2025-30066: Embedded Malicious Code ("tj-actions/changed-files" Attack) https://t.co/q0LSW0BDk3 3. CVE-2024-0406: Path Traversal in mholt/archiver https://t.co/v5eRaEUVG9
@ksg93rd
19 Mar 2025
596 Impressions
2 Retweets
11 Likes
3 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-7014
@transilienceai
16 Mar 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2024-7014 (EvilVideo) Exploit! https://t.co/1kkyT8Lqvv #CVE2024 #Telegram #Exploit
@absholi7ly
16 Mar 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
مواظب ویدئوهای دریافتی در تلگرام باشید. به تازگی برای file-type مربوط به تلگرام آسیب پذیری با کد شناسایی CVE-2024-7014 منتشر شده است. هکرها با استفاده از این آسیب پذیری یک فایل html آلوده به کدهای javascript را به جای یک فایل ویدئویی جا می زنند . https://t.co/Poz3aKY03t https://t
@AmirHossein_sec
9 Mar 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploiting the EvilVideo vulnerability on Telegram for Android : https://t.co/4TRxor4EAB credits @LukasStefanko CVE-2024-7014 Return : Updated Evilloader : https://t.co/3XfT6Jrghn telegram-video-extension-manipulation-PoC : https://t.co/DVNoMuxqgp credits @0x6rss https://t.
@binitamshah
5 Mar 2025
3181 Impressions
7 Retweets
34 Likes
21 Bookmarks
0 Replies
0 Quotes
TelegramのEvilVideo脆弱性(CVE-2024-7014)について。悪性HTMLを動画ファイルに偽装し、開かれた際にJavaScriptを実行させることが可能。 https://t.co/mqX2uzFkmd
@__kokumoto
5 Mar 2025
49 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actualmente, sigue existiendo una vulnerabilidad en Telegram que tiene similitudes con la CVE-2024-7014, relacionada con archivos ".htm" que se camuflan como videos y se envían a través de la API de Telegram o mediante un bot. Aunque el archivo parece ser un video, lo que… https:
@ivancastl
5 Mar 2025
12771 Impressions
43 Retweets
211 Likes
102 Bookmarks
0 Replies
1 Quote
CVE-2024-7014 Return: Attackers can send messages disguised as fake videos via Telegram, tricking you into downloading malware or exposing your IP address. Blog: https://t.co/f4PbUwcIYJ Check PoC: https://t.co/XBUeSnvMQb https://t.co/Ja4YfuRqsc
@0x6rss
4 Mar 2025
19621 Impressions
82 Retweets
324 Likes
185 Bookmarks
2 Replies
2 Quotes
Today was published on Telegram channel demo of exploiting new #EvilVideo vulnerability affecting Telegram for Android (CVE-2024-7014). The video was recorded on January 18, 2025. https://t.co/s9DAJ0pnME
@androidmalware2
14 Feb 2025
2779 Impressions
14 Retweets
86 Likes
35 Bookmarks
3 Replies
0 Quotes
In the latest version of G-700 Android RAT was allegedly added exploitation of the #EvilVideo Telegram vulnerability (CVE-2024-7014) The exploit allows sending malicious APK files disguised as video EvilVideo: https://t.co/fb9FmhGhMt G-700 RAT: https://t.co/c6zDJUnvms https://t.
@LukasStefanko
7 Jan 2025
13055 Impressions
14 Retweets
33 Likes
23 Bookmarks
2 Replies
2 Quotes