AI description
CVE-2024-7014, dubbed the "EvilVideo" vulnerability, allows malicious applications disguised as video files to be sent within the Telegram app for Android. This vulnerability affects Telegram for Android versions 10.14.4 and older. Users are advised to update their Telegram app to the latest available version to mitigate the risk posed by this vulnerability.
- Description
- EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android application affecting versions 10.14.4 and older.
- Source
- security@eset.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- security@eset.com
- CWE-20
- Hype score
- Not currently trending
Today was published on Telegram channel demo of exploiting new #EvilVideo vulnerability affecting Telegram for Android (CVE-2024-7014). The video was recorded on January 18, 2025. https://t.co/s9DAJ0pnME
@androidmalware2
14 Feb 2025
2779 Impressions
14 Retweets
86 Likes
35 Bookmarks
3 Replies
0 Quotes
In the latest version of G-700 Android RAT was allegedly added exploitation of the #EvilVideo Telegram vulnerability (CVE-2024-7014) The exploit allows sending malicious APK files disguised as video EvilVideo: https://t.co/fb9FmhGhMt G-700 RAT: https://t.co/c6zDJUnvms https://t.
@LukasStefanko
7 Jan 2025
13055 Impressions
14 Retweets
33 Likes
23 Bookmarks
2 Replies
2 Quotes