Google Dan Reva discovered a vulnerability in Telegram on macOS that could be exposed to laptop camera and microphone engineers.
Allow to allow to inject dynamic load (Dylib) with a malicious exploit into Telegram on macOS. With the help of person’s permission to record camera video with sound and its read file to a hidden folder on Mac. This video and audio recording will work even if the permission is disabled.
Launching an escapit is possible because Telegram does not use Apple’s built-in Hardened Runtime security mechanism. It is responsible for blocking exploit type exceptions.
Reva reported this upload issue to Telegram in early 2023. But they didn’t get in touch and still haven’t eliminated the vulnerability. [Twitter]
Source: Iphones RU
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
