Storm Brews Over Critical, No-Click Telegram Flaw
Summary
A critical, no-click vulnerability allegedly exists in Telegram, triggered by a corrupted sticker, and has reportedly been assigned a CVSS score of 9.8. However, Telegram has denied the existence of this flaw.
IFF Assessment
A critical, high-severity vulnerability in a widely used messaging application represents a significant threat to users' security and privacy.
Severity
The CVSS score of 9.8 indicates a critical severity, likely due to an easily exploitable attack vector (no-click) and a significant impact on confidentiality, integrity, and availability.
Defender Context
This situation highlights the importance of verifying and patching vulnerabilities in communication platforms, as even minor triggers like corrupted stickers can lead to severe exploits. Defenders should remain vigilant for official advisories from Telegram or trusted security researchers regarding this or similar issues.