Ethical Hacking News
Alleged unpatched Telegram zero-day vulnerability allows device takeover, with Telegram denying its existence. As a result, security experts are left grappling with the potential implications of this flaw.
Researchers have discovered an alleged unpatched Telegram zero-day vulnerability. The vulnerability (ZDI-CAN-30207) allows attackers to execute code on targeted devices without user interaction, and can be exploited by sending a malicious animated sticker. The flaw lies in how Telegram processes media to generate previews, allowing crafted files to trigger code execution. Telegram has denied the disclosed zero-click vulnerability, stating it does not exist. Users can limit incoming messages from new contacts as a mitigation measure on Telegram Business.
The cybersecurity landscape has witnessed its fair share of high-profile vulnerabilities and exploits in recent times. However, a recent development has sparked significant concern among security experts and enthusiasts alike. An alleged unpatched Telegram zero-day vulnerability has been reported, which, if exploited, could potentially allow attackers to take full control of devices using the popular messaging platform.
The details surrounding this vulnerability are as follows: researcher Michael DePlante (@izobashi) of TrendAI Zero Day disclosed a new Telegram vulnerability through Zero Day Initiative (ZDI). The vulnerability, tracked as ZDI-CAN-30207 (CVSS score of 9.8), allows attackers to execute code on targeted devices without any user interaction. This vulnerability is especially dangerous because an attacker can exploit it simply by sending a malicious animated sticker, with no action required from the victim.
The flaw poses a serious security risk, especially as no patch is currently available, raising concerns across the cybersecurity community. The vulnerability lies in how Telegram automatically processes media to generate previews, allowing crafted files to trigger code execution. This vulnerability affects Telegram on Android and Linux; if exploited, it allows attackers to take full control of a device.
At this time, it is unclear whether threat actors have already exploited this vulnerability in attacks in the wild. The Zero Day Initiative did not disclose technical details about the vulnerability to give the company time to address it by July 24, 2026. However, Telegram has denied the disclosed zero-click vulnerability, stating that it does not exist.
Telegram Business users can limit incoming messages from new contacts as a mitigation measure. In Settings – Privacy and Security – Messages, they can restrict messages to saved contacts or Premium users only. This move aims to reduce the attack surface and minimize potential vulnerabilities.
Exploits targeting popular platforms like Telegram can be worth millions on underground markets, and threat actors can quickly weaponize them. The implications of this vulnerability are far-reaching and underscore the importance of timely patching and responsible disclosure by security researchers.
The incident serves as a stark reminder of the ongoing cat-and-mouse game between cybersecurity experts and threat actors. As vulnerabilities are discovered and patched, new ones emerge, pushing the boundaries of innovation and exploitation in the digital realm.
In conclusion, this alleged Telegram zero-day vulnerability highlights the pressing need for vigilance and proactive measures to mitigate potential security risks. The incident underscores the importance of collaboration among security researchers, vendors, and users in keeping sensitive information secure and preventing malicious activities from gaining traction.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Critical-Telegram-Zero-Day-Vulnerability-Sparks-Concern-A-Closer-Look-at-the-Alleged-Device-Takeover-Flaw-ehn.shtml
https://securityaffairs.com/190167/security/its-a-mystery-alleged-unpatched-telegram-zero-day-allows-device-takeover-but-telegram-denies.html
https://cybersecuritynews.com/telegram-zero-day-vulnerability-exploited/
Published: Mon Mar 30 10:31:08 2026 by llama3.2 3B Q4_K_M
