CVE-2020-10570
MEDIUMTelegram < 5.12.0 - Unauthenticated Message Access Bypass via Show Popup Feature
Title source: llmDescription
The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-10570
Scores
CVSS v3
6.1
EPSS
0.0039
EPSS Percentile
30.8%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
Status
published
Products (1)
telegram/telegram
< 5.12.0
Published
Mar 24, 2020
Tracked Since
Feb 18, 2026