Skip to main content
A Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. Six years running.Find Out Why
CVE Vulnerability Database
Vulnerability Database/CVE-2021-47793

CVE-2021-47793: Telegram Desktop DoS Vulnerability

CVE-2021-47793 is a denial of service vulnerability in Telegram Desktop 2.9.2 that allows attackers to crash the application using oversized message payloads. This article covers technical details, affected versions, and mitigation.

Published:

CVE-2021-47793 Overview

CVE-2021-47793 is a denial of service vulnerability affecting Telegram Desktop version 2.9.2. The flaw allows attackers to crash the application by sending an oversized message payload. Specifically, attackers can generate a 9 million byte buffer and paste it into the messaging interface, which triggers an application crash due to improper resource allocation without limits.

This vulnerability is classified as CWE-770 (Allocation of Resources Without Limits or Throttling), indicating that the application fails to properly validate or limit the size of input data before processing, leading to resource exhaustion and application instability.

Critical Impact

Attackers can repeatedly crash Telegram Desktop instances by sending malformed oversized messages, disrupting user communications and potentially affecting business operations relying on the messaging platform.

Affected Products

  • Telegram Desktop 2.9.2

Discovery Timeline

  • 2026-01-16 - CVE CVE-2021-47793 published to NVD
  • 2026-01-16 - Last updated in NVD database

Technical Details for CVE-2021-47793

Vulnerability Analysis

This denial of service vulnerability stems from inadequate input validation in Telegram Desktop's message handling functionality. The application fails to enforce proper size limits when processing message payloads pasted into the messaging interface. When an attacker submits approximately 9 million bytes of data through the message input field, the application attempts to process this oversized buffer without appropriate bounds checking, resulting in resource exhaustion and subsequent application crash.

The local attack vector requires user interaction, as the exploit is triggered through the messaging interface rather than through network-based remote exploitation. However, the attack has a low complexity and requires no special privileges, making it accessible to any user who can interact with the Telegram Desktop application.

Root Cause

The root cause of CVE-2021-47793 is CWE-770: Allocation of Resources Without Limits or Throttling. Telegram Desktop 2.9.2 does not implement adequate validation or size restrictions on message input buffers. When exceptionally large data is submitted through the messaging interface, the application attempts to allocate memory for the entire payload without checking against reasonable size thresholds, leading to memory exhaustion or buffer handling failures that crash the application.

Attack Vector

The attack vector for this vulnerability is local, requiring direct interaction with the Telegram Desktop application. An attacker must:

  1. Generate a large buffer of approximately 9 million bytes
  2. Paste the buffer contents into the Telegram Desktop messaging interface
  3. The application attempts to process the oversized payload
  4. Resource exhaustion or buffer handling failure causes the application to crash

The vulnerability does not require authentication or elevated privileges. The attacker needs only access to run the Telegram Desktop application and the ability to paste content into the message input field. Detailed technical information about this vulnerability can be found in the Exploit-DB #50247 entry and the VulnCheck Advisory for Telegram.

Detection Methods for CVE-2021-47793

Indicators of Compromise

  • Telegram Desktop application crashes without apparent user action during message composition
  • Repeated application restarts or instability when receiving or composing messages
  • Abnormally high memory consumption by the Telegram Desktop process prior to crash
  • System logs showing application faults in Telegram Desktop with memory-related error codes

Detection Strategies

  • Monitor for Telegram Desktop process crashes and correlate with timeline of message receipt or composition
  • Implement endpoint detection rules that alert on rapid successive launches of Telegram Desktop indicating crash/restart cycles
  • Configure application crash monitoring to flag Telegram Desktop instability patterns
  • Review message logs for unusually large message sizes if accessible through enterprise management tools

Monitoring Recommendations

  • Enable application stability monitoring on endpoints running Telegram Desktop
  • Configure endpoint protection solutions to monitor process health for communication applications
  • Implement user behavior analytics to detect abnormal patterns of application crashes
  • Set up alerts for memory exhaustion events on workstations running vulnerable Telegram Desktop versions

How to Mitigate CVE-2021-47793

Immediate Actions Required

  • Update Telegram Desktop to the latest version available from the official Telegram website
  • Verify that automatic updates are enabled for Telegram Desktop installations across the organization
  • Consider implementing application control policies to enforce minimum version requirements
  • Advise users to avoid copying large amounts of data into the Telegram message interface

Patch Information

Users should update to a patched version of Telegram Desktop from the official distribution channels. Check the Telegram Official Website for the latest secure version. Organizations should verify the installed version of Telegram Desktop across endpoints and ensure all installations are updated to versions newer than 2.9.2.

Workarounds

  • Restrict the use of Telegram Desktop version 2.9.2 in enterprise environments until patched
  • Implement clipboard monitoring or restrictions to prevent extremely large paste operations if supported by endpoint management tools
  • Consider using Telegram Web or mobile applications as alternatives while awaiting updates
  • Educate users about the vulnerability and advise against pasting large amounts of data
bash
# Check Telegram Desktop version on Windows
# Navigate to Help > About Telegram Desktop in the application menu
# Or check the installation directory for version information

# Verify installation path (Windows)
dir "%APPDATA%\Telegram Desktop"

# For automated version checking across enterprise endpoints,
# consider using your endpoint management solution to query
# installed application versions and flag any instances of 2.9.2

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.

Try SentinelOne