Vulnerabilites related to teamviewer - teamviewer
Vulnerability from fkie_nvd
Published
2021-10-25 17:15
Modified
2024-11-21 06:11
Severity ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13697.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1 | Patch, Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-21-1003/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-21-1003/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | 15.16.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:15.16.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44BA2BE2-7138-460B-B546-1F3F57D2715C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13697."
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de TeamViewer versi\u00f3n 15.16.8.0. Es requerida una interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. El fallo espec\u00edfico se presenta en el an\u00e1lisis de los archivos TVS. El problema resulta de una falta de comprobaci\u00f3n apropiada de los datos suministrados por el usuario, que puede resultar en una condici\u00f3n de corrupci\u00f3n de memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Fue ZDI-CAN-13697"
}
],
"id": "CVE-2021-34859",
"lastModified": "2024-11-21T06:11:21.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-25T17:15:08.357",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1003/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-26 18:36
Modified
2024-11-21 01:18
Severity ?
Summary
Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | 1.85 | |
| teamviewer | teamviewer | 2.44 | |
| teamviewer | teamviewer | 3.6.5523 | |
| teamviewer | teamviewer | 4.1.8107 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA615D66-6F52-4A15-BACB-2E43A3310F1A",
"versionEndIncluding": "5.0.8703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:1.85:*:*:*:*:*:*:*",
"matchCriteriaId": "889A712A-CFC6-4D33-8BD5-5546617F363C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:2.44:*:*:*:*:*:*:*",
"matchCriteriaId": "1F267A9F-F88C-4C84-8E65-2563FEF35DE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:3.6.5523:*:*:*:*:*:*:*",
"matchCriteriaId": "1F94223A-2E92-41DC-94BD-C79BBD2548D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:4.1.8107:*:*:*:*:*:*:*",
"matchCriteriaId": "8089A6AE-9773-455A-A976-E1E08DAC5135",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file."
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en TeamViewer v5.0.8703 y anteriores permite a usuarios locales, y puede que atacantes remotos, ejecutar c\u00f3digo de su elecci\u00f3n y producir un ataque de secuestro de DLL, a trav\u00e9s de un troyano dwmapi.dll que est\u00e1 ubicado en la misma carpeta que un fichero .tvs o .tvc."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\nCWE-426 - \u0027Untrusted Search Path Vulnerability\u0027",
"id": "CVE-2010-3128",
"lastModified": "2024-11-21T01:18:05.690",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-08-26T18:36:35.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41112"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/14734"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/513317/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2174"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/14734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/513317/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-28 17:15
Modified
2024-09-19 17:22
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | meeting | * | |
| teamviewer | meeting | * | |
| teamviewer | meeting | * | |
| teamviewer | meeting | * | |
| teamviewer | teamviewer | * | |
| apple | macos | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:meeting:*:*:*:*:*:android:*:*",
"matchCriteriaId": "F013628F-FC2F-4E14-B1D4-737C1391BD79",
"versionEndExcluding": "15.44.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:meeting:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "8BE9FCAD-E9D1-4217-A022-0C138E24719D",
"versionEndExcluding": "15.55.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:meeting:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "F1F7C2AE-D5D1-48B1-96E1-2C815F9997F7",
"versionEndExcluding": "15.55.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:meeting:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "5E11E9BA-101C-46F8-9A3C-FF8FF69BE17D",
"versionEndExcluding": "15.57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89B97B88-D6DF-40C8-9727-3BC857B181BF",
"versionEndExcluding": "15.57.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting."
},
{
"lang": "es",
"value": "Un control de acceso inadecuado en la funci\u00f3n de sincronizaci\u00f3n del portapapeles en TeamViewer Full Client versi\u00f3n anterior a 15.57 y TeamViewer Meeting versi\u00f3n anterior a 15.55.3 puede provocar que se comparta involuntariamente el portapapeles con el presentador actual de una reuni\u00f3n."
}
],
"id": "CVE-2024-6053",
"lastModified": "2024-09-19T17:22:36.697",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@teamviewer.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-28T17:15:11.163",
"references": [
{
"source": "psirt@teamviewer.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1007/"
}
],
"sourceIdentifier": "psirt@teamviewer.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-359"
}
],
"source": "psirt@teamviewer.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-16 15:15
Modified
2024-11-21 06:11
Severity ?
Summary
TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AF9CEE-E8EC-4849-B983-8A68034DFA69",
"versionEndExcluding": "9.0.259145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE92BC5-5413-4161-8853-DC99B65AED90",
"versionEndExcluding": "10.0.259144",
"versionStartIncluding": "10.0.2551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E35B30B3-620B-435B-820D-7A13F1EC9E84",
"versionEndExcluding": "11.0.259143",
"versionStartIncluding": "11.0.90968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8628AD-DBC1-47C6-AA4E-67DB79489A03",
"versionEndExcluding": "12.0.259142",
"versionStartIncluding": "12.0.92876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF702AEF-F12A-4F37-A042-352DF4E58AE5",
"versionEndExcluding": "13.2.36222",
"versionStartIncluding": "13.0.5058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7801E9-1B99-4A38-89D3-7C581D6DB491",
"versionEndExcluding": "14.2.56678",
"versionStartIncluding": "14.0.8346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3ED13C-EF4E-4710-8630-D3CE40FB0004",
"versionEndExcluding": "14.7.48644",
"versionStartIncluding": "14.3.4730",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations."
},
{
"lang": "es",
"value": "TeamViewer versiones anteriores a 14.7.48644 en Windows carga DLLs no confiables en determinadas situaciones"
}
],
"id": "CVE-2021-34803",
"lastModified": "2024-11-21T06:11:14.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-16T15:15:08.570",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111147/windows-v9-0-259145"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111149/windows-v10-0-259144"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111150/windows-v11-0-259143"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111151/windows-v12-0-259142"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111152/windows-v13-2-36222"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111153/windows-v14-2-56678"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111154/windows-v14-7-48644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111147/windows-v9-0-259145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111149/windows-v10-0-259144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111150/windows-v11-0-259143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111151/windows-v12-0-259142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111152/windows-v13-2-36222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111153/windows-v14-2-56678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/111154/windows-v14-7-48644"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-11 20:15
Modified
2024-11-21 04:21
Severity ?
Summary
An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | 14.2.2558 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:14.2.2558:*:*:*:*:*:*:*",
"matchCriteriaId": "399F2A03-873D-4EC3-8C51-BE611D4874E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en TeamViewer versiones 14.2.2558. La actualizaci\u00f3n del producto como un usuario no administrativo requiere ingresar credenciales administrativas en la GUI. Posteriormente, estas credenciales se procesan en el archivo Teamviewer.exe, lo que permite que cualquier aplicaci\u00f3n que sea ejecutada en el mismo contexto de usuario no administrativo las intercepte en texto sin cifrar dentro de la memoria del proceso. Mediante el uso de esta t\u00e9cnica, un atacante local puede obtener credenciales administrativas para elevar los privilegios. Esta vulnerabilidad puede ser explotada inyectando c\u00f3digo en el archivo Teamviewer.exe que intercepta las llamadas a GetWindowTextW y registra las credenciales procesadas."
}
],
"id": "CVE-2019-11769",
"lastModified": "2024-11-21T04:21:45.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-11T20:15:10.303",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.to.com/advisory-teamviewer-cve-2019-11769-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label\u0026labels=Security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.to.com/advisory-teamviewer-cve-2019-11769-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label\u0026labels=Security"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-07 16:15
Modified
2025-02-04 21:15
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "TeamViewer Desktop Bypass Remote Login Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1169616E-3D16-4688-8402-8E922F26B339",
"versionEndIncluding": "14.7.1965",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers\u0027 installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system."
},
{
"lang": "es",
"value": "TeamViewer Desktop versiones hasta 14.7.1965, permite omitir el control de acceso del inicio de sesi\u00f3n remoto porque la misma clave es usada para las instalaciones de diferentes clientes. Us\u00f3 una clave AES compartida para todas las instalaciones a partir, de al menos, hasta la versi\u00f3n v7.0.43148, y la us\u00f3 para al menos OptionsPasswordAES en la versi\u00f3n actual del producto. Si un atacante fuese conocido esta clave, podr\u00eda descifrar la informaci\u00f3n de protecci\u00f3n almacenada en el registro o en los archivos de configuraci\u00f3n de TeamViewer. Con versiones anteriores a v9.x, esto permit\u00eda a atacantes descifrar la contrase\u00f1a de Unattended Access en el sistema (que permite el inicio de sesi\u00f3n remoto en el sistema, as\u00ed como la exploraci\u00f3n de archivos sin encabezado). La \u00faltima versi\u00f3n a\u00fan utiliza la misma clave para OptionPasswordAES pero parece haber cambiado la manera en que se almacena la contrase\u00f1a de Unattended Access. Mientras que en la mayor\u00eda de los casos un atacante requiere una sesi\u00f3n existente en un sistema, si las claves de registro/configuraci\u00f3n fueron almacenadas fuera de la m\u00e1quina (como en un recurso compartido de archivos o en l\u00ednea), un atacante podr\u00eda descifrar la contrase\u00f1a requerida para iniciar sesi\u00f3n en el sistema ."
}
],
"id": "CVE-2019-18988",
"lastModified": "2025-02-04T21:15:18.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-02-07T16:15:10.033",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/t5/Announcements/Specification-on-CVE-2019-18988/td-p/82264"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?threadtype=label\u0026labels=Security"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/Blurbdust/status/1224212682594770946?s=20"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://whynotsecurity.com/blog/teamviewer/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/t5/Announcements/Specification-on-CVE-2019-18988/td-p/82264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?threadtype=label\u0026labels=Security"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/Blurbdust/status/1224212682594770946?s=20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://whynotsecurity.com/blog/teamviewer/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-521"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-521"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-29 16:15
Modified
2024-11-21 05:01
Severity ?
Summary
TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF98F00-0602-4EBD-9604-848582BA41D6",
"versionEndExcluding": "15.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3."
},
{
"lang": "es",
"value": "TeamViewer Desktop para Windows versiones anteriores a 15.8.3 no cita apropiadamente sus manejadores de URI personalizados. Un sitio web malicioso podr\u00eda iniciar TeamViewer con par\u00e1metros arbitrarios, como es demostrado por un teamviewer10: --play URL. Un atacante podr\u00eda forzar a una v\u00edctima para enviar una petici\u00f3n de autenticaci\u00f3n NTLM y retransmitir la petici\u00f3n o capturar el hash para descifrar la contrase\u00f1a fuera de l\u00ednea. Esto afecta a teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1 y tvvpn1. El problema se corrigi\u00f3 en las versiones 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350 y 15.8.3"
}
],
"id": "CVE-2020-13699",
"lastModified": "2024-11-21T05:01:45.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-29T16:15:12.080",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-13699.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-13699.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-02 03:15
Modified
2024-11-21 04:34
Severity ?
Summary
An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/ | Exploit, Third Party Advisory, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/ | Exploit, Third Party Advisory, URL Repurposed |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | 14.3.4730 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:14.3.4730:*:*:*:*:*:*:*",
"matchCriteriaId": "A35C4272-005A-49CB-89D7-4EF8D5D3AA81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en la funcionalidad Chat de la aplicaci\u00f3n de escritorio TeamViewer versi\u00f3n 14.3.4730 en Windows. (El proveedor declara que luego fue corregido). Tras iniciar sesi\u00f3n, cada comunicaci\u00f3n es guardada en la memoria principal de Windows. Cuando un usuario cierra sesi\u00f3n o elimina el historial de conversaci\u00f3n (pero no sale de la aplicaci\u00f3n), estos datos no son borrados de la memoria principal y, por lo tanto, un usuario local puede leerlos con los mismos o mayores privilegios."
}
],
"id": "CVE-2019-19362",
"lastModified": "2024-11-21T04:34:38.673",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-02T03:15:11.347",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"URL Repurposed"
],
"url": "http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"URL Repurposed"
],
"url": "http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-212"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-24 18:15
Modified
2024-11-21 06:11
Severity ?
Summary
This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F659D4-CF88-4F7E-A14A-DEC8909D53A1",
"versionEndExcluding": "15.18.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818."
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite a atacantes locales revelar informaci\u00f3n confidencial en las instalaciones afectadas de TeamViewer. Un atacante debe obtener primero la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema objetivo para poder explotar esta vulnerabilidad. El fallo espec\u00edfico se presenta en el servicio TeamViewer. El problema es debido a que no son comprobados apropiadamente los datos suministrados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de una matriz asignada. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto de SYSTEM. Fue ZDI-CAN-13818"
}
],
"id": "CVE-2021-35005",
"lastModified": "2024-11-21T06:11:41.883",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-24T18:15:07.680",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-082/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-082/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-129"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-26 00:15
Modified
2024-11-21 04:32
Severity ?
Summary
In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-19-318-04 | Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.zerodayinitiative.com/advisories/ZDI-19-997/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-318-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-19-997/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| omron | cx-supervisor | * | |
| teamviewer | teamviewer | 5.0.8703_qs |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:omron:cx-supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62056105-4D13-4A0C-B55A-B7012B71CB39",
"versionEndIncluding": "3.5\\(12\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:5.0.8703_qs:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8FCCA2-8288-4CB6-B8FA-5E54299C5F6D",
"vulnerable": true
}
],
"negate": false,
"operator": "AND"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit."
},
{
"lang": "es",
"value": "En Omron CX-Supervisor, versiones 3.5 (12) y anteriores, Omron CX-Supervisor entregada con Teamviewer versi\u00f3n 5.0.8703 QS. Esta versi\u00f3n de Teamviewer es susceptible a una vulnerabilidad de funci\u00f3n obsoleta que requiere la interacci\u00f3n del usuario para explotar."
}
],
"id": "CVE-2019-18251",
"lastModified": "2024-11-21T04:32:55.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-26T00:15:11.857",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-04"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-997/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-997/"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-477"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-24 16:15
Modified
2024-11-21 04:32
Severity ?
Summary
A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory; directory permissions restrict that by default.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| teamviewer | teamviewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D01F0C-346A-48FA-9163-2E4B60279E20",
"versionEndExcluding": "11.0.214397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9B1047-16D2-49FE-B90E-F523A7620162",
"versionEndExcluding": "12.0.214399",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52527BFC-9092-4EC8-9681-0DD81A23A9DD",
"versionEndExcluding": "13.2.36216",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A79FBC5-7962-4D7E-B994-C6A4B1498B97",
"versionEndExcluding": "14.7.1965",
"versionStartIncluding": "14.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory; directory permissions restrict that by default."
},
{
"lang": "es",
"value": "Una vulnerabilidad de carga lateral de DLL en el Windows Service en TeamViewer versiones hasta 11.0.133222 (corregido en 11.0.214397), 12.0.181268 (corregido en 12.0.214399), 13.2.36215 (corregido en 13.2.36216) y 14.6.4835 (corregido en 14.7.1965) sobre Windows, podr\u00eda permitir a un atacante llevar a cabo la ejecuci\u00f3n de c\u00f3digo en un sistema de destino mediante un reinicio del servicio donde la DLL fue instalada previamente con privilegios administrativos. La explotaci\u00f3n requiere que un atacante sea capaz de crear un nuevo archivo en el directorio de la aplicaci\u00f3n TeamViewer; los permisos de directorio restringen eso por defecto."
}
],
"id": "CVE-2019-18196",
"lastModified": "2024-11-21T04:32:48.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-24T16:15:20.190",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/t5/Announcements/Security-bulletin-CVE-2019-18196/td-p/74564"
},
{
"source": "cve@mitre.org",
"url": "https://safebreach.com/Post/TeamViewer-Windows-Client-v11-to-v14-DLL-Preloading-and-Potential-Abuses-CVE-2019-18196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/t5/Announcements/Security-bulletin-CVE-2019-18196/td-p/74564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://safebreach.com/Post/TeamViewer-Windows-Client-v11-to-v14-DLL-Preloading-and-Potential-Abuses-CVE-2019-18196"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-23 16:15
Modified
2024-11-21 06:48
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
Summary
TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@teamviewer.com | https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/ | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/ | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "64BF4156-1817-414E-AF06-BBC63E768125",
"versionEndExcluding": "15.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password."
},
{
"lang": "es",
"value": "TeamViewer Linux versiones anteriores a 15.28, no ejecutan correctamente un comando de borrado de la contrase\u00f1a de conexi\u00f3n en caso de bloqueo del proceso. El conocimiento del evento de bloqueo y el ID de TeamViewer, as\u00ed como la posesi\u00f3n de la contrase\u00f1a de conexi\u00f3n anterior al bloqueo o el acceso local autenticado a la m\u00e1quina, habr\u00edan permitido establecer una conexi\u00f3n remota al reusar la contrase\u00f1a de conexi\u00f3n no eliminada correctamente"
}
],
"id": "CVE-2022-23242",
"lastModified": "2024-11-21T06:48:15.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.3,
"impactScore": 5.9,
"source": "psirt@teamviewer.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-23T16:15:08.450",
"references": [
{
"source": "psirt@teamviewer.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/"
}
],
"sourceIdentifier": "psirt@teamviewer.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-13 22:15
Modified
2024-11-21 06:11
Severity ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13606.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34AEE7F2-9EAF-4820-99AB-6E0879B2BCEC",
"versionEndExcluding": "15.21.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13606."
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de TeamViewer. Es requerida una interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. El fallo espec\u00edfico se presenta en el an\u00e1lisis de los archivos TVS. El problema es debido a que no son comprobados apropiadamente los datos suministrados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de una estructura asignada. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Fue ZDI-CAN-13606"
}
],
"id": "CVE-2021-34858",
"lastModified": "2024-11-21T06:11:21.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-13T22:15:08.543",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1001/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-17 02:29
Modified
2024-11-21 03:48
Severity ?
Summary
TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between "[00 88] and "[00 00 00]" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has disconnected but remains running.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/vah13/extractTVpasswords | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/vah13/extractTVpasswords | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A610D8D1-0A72-445F-BB55-E3A24F59FF46",
"versionEndIncluding": "13.1.1548",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between \"[00 88] and \"[00 00 00]\" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has disconnected but remains running."
},
{
"lang": "es",
"value": "TeamViewer hasta la versi\u00f3n 13.1.1548 almacena una contrase\u00f1a en formato Unicode en la memoria del proceso TeamViewer.exe entre los delimitadores \"[00 88]\" y \"[00 00 00]\", lo que podr\u00eda facilitar que los atacantes obtengan informaci\u00f3n sensible aprovechando una estaci\u00f3n de trabajo sin atender en la que TeamViewer se ha desconectado, pero sigue en ejecuci\u00f3n."
}
],
"id": "CVE-2018-14333",
"lastModified": "2024-11-21T03:48:50.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-17T02:29:00.347",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/vah13/extractTVpasswords"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/vah13/extractTVpasswords"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-05 22:29
Modified
2024-11-21 03:52
Severity ?
Summary
TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://twitter.com/vah_13/status/1036894081350291457 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://twitter.com/vah_13/status/1036894081350291457 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| teamviewer | teamviewer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6BC2E4-F6A0-4F79-B8B1-A8E00173789D",
"versionEndIncluding": "13.2.9356",
"versionStartIncluding": "10.0.2551",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the \"Cancel\" step, which makes it easier to determine the correct value of the default 4-digit PIN."
},
{
"lang": "es",
"value": "TeamViewer, desde las versiones 10.x hasta las 13.x, permite que atacantes remotos omitan el mecanismo de protecci\u00f3n de autenticaci\u00f3n por fuerza bruta saltando el paso \"Cancel\", lo que facilita la adivinaci\u00f3n del valor correcto del PIN de 4 d\u00edgitos por defecto."
}
],
"id": "CVE-2018-16550",
"lastModified": "2024-11-21T03:52:57.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-05T22:29:00.273",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://twitter.com/vah_13/status/1036894081350291457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://twitter.com/vah_13/status/1036894081350291457"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-35005
Vulnerability from cvelistv5
Published
2022-01-24 18:10
Modified
2024-08-04 00:26
Severity ?
EPSS score ?
Summary
This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-22-082/ | x_refsource_MISC | |
| https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TeamViewer | TeamViewer |
Version: 15.18.5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:26:55.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-082/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TeamViewer",
"vendor": "TeamViewer",
"versions": [
{
"status": "affected",
"version": "15.18.5.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "@Kharosx0"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129: Improper Validation of Array Index",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-24T18:10:12",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-082/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2021-35005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TeamViewer",
"version": {
"version_data": [
{
"version_value": "15.18.5.0"
}
]
}
}
]
},
"vendor_name": "TeamViewer"
}
]
}
},
"credit": "@Kharosx0",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-129: Improper Validation of Array Index"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-082/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-082/"
},
{
"name": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-35005",
"datePublished": "2022-01-24T18:10:12",
"dateReserved": "2021-06-17T00:00:00",
"dateUpdated": "2024-08-04T00:26:55.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-13699
Vulnerability from cvelistv5
Published
2020-07-29 15:36
Modified
2024-08-04 12:25
Severity ?
EPSS score ?
Summary
TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448 | x_refsource_CONFIRM | |
| https://jeffs.sh/CVEs/CVE-2020-13699.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:25:16.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-13699.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-29T15:36:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jeffs.sh/CVEs/CVE-2020-13699.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448",
"refsource": "CONFIRM",
"url": "https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448"
},
{
"name": "https://jeffs.sh/CVEs/CVE-2020-13699.txt",
"refsource": "MISC",
"url": "https://jeffs.sh/CVEs/CVE-2020-13699.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13699",
"datePublished": "2020-07-29T15:36:06",
"dateReserved": "2020-05-29T00:00:00",
"dateUpdated": "2024-08-04T12:25:16.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34858
Vulnerability from cvelistv5
Published
2022-01-13 21:42
Modified
2024-08-04 00:26
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13606.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1001/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TeamViewer | TeamViewer |
Version: 15.16.8.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:26:54.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TeamViewer",
"vendor": "TeamViewer",
"versions": [
{
"status": "affected",
"version": "15.16.8.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "kdot"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13606."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-13T21:42:55",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2021-34858",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TeamViewer",
"version": {
"version_data": [
{
"version_value": "15.16.8.0"
}
]
}
}
]
},
"vendor_name": "TeamViewer"
}
]
}
},
"credit": "kdot",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13606."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1001/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-34858",
"datePublished": "2022-01-13T21:42:55",
"dateReserved": "2021-06-17T00:00:00",
"dateUpdated": "2024-08-04T00:26:54.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-18251
Vulnerability from cvelistv5
Published
2019-11-25 23:29
Modified
2024-08-05 01:47
Severity ?
EPSS score ?
Summary
In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-19-318-04 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-19-997/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Omron CX-Supervisor |
Version: Versions 3.5 (12) and prior |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:14.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-04"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-997/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Omron CX-Supervisor",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions 3.5 (12) and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-477",
"description": "USE OF OBSOLETE FUNCTION CWE-477",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-10T01:06:07",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-04"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-997/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-18251",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Omron CX-Supervisor",
"version": {
"version_data": [
{
"version_value": "Versions 3.5 (12) and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF OBSOLETE FUNCTION CWE-477"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-318-04",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-04"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-997/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-997/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-18251",
"datePublished": "2019-11-25T23:29:02",
"dateReserved": "2019-10-22T00:00:00",
"dateUpdated": "2024-08-05T01:47:14.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-19362
Vulnerability from cvelistv5
Published
2019-12-02 02:52
Modified
2024-08-05 02:16
Severity ?
EPSS score ?
Summary
An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:46.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:P/A:N/C:H/I:N/PR:L/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-02T02:52:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:P/A:N/C:H/I:N/PR:L/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/",
"refsource": "MISC",
"url": "http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19362",
"datePublished": "2019-12-02T02:52:34",
"dateReserved": "2019-11-27T00:00:00",
"dateUpdated": "2024-08-05T02:16:46.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-6053
Vulnerability from cvelistv5
Published
2024-08-28 16:30
Modified
2024-08-28 17:47
Severity ?
EPSS score ?
Summary
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | TeamViewer | Meeting |
Version: 0 < 15.55.3 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:46:55.180517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:47:14.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.55.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.44.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"iOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"MacOS"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-27T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.\u003cbr\u003e"
}
],
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:30:58.925Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1007/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper access control in the clipboard synchronization feature",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-6053",
"datePublished": "2024-08-28T16:30:58.925Z",
"dateReserved": "2024-06-17T11:41:33.256Z",
"dateUpdated": "2024-08-28T17:47:14.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-14333
Vulnerability from cvelistv5
Published
2018-07-17 02:00
Modified
2024-08-05 09:21
Severity ?
EPSS score ?
Summary
TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between "[00 88] and "[00 00 00]" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has disconnected but remains running.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/vah13/extractTVpasswords | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:21:41.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vah13/extractTVpasswords"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between \"[00 88] and \"[00 00 00]\" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has disconnected but remains running."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-17T02:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vah13/extractTVpasswords"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between \"[00 88] and \"[00 00 00]\" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has disconnected but remains running."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/vah13/extractTVpasswords",
"refsource": "MISC",
"url": "https://github.com/vah13/extractTVpasswords"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14333",
"datePublished": "2018-07-17T02:00:00",
"dateReserved": "2018-07-16T00:00:00",
"dateUpdated": "2024-08-05T09:21:41.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-18196
Vulnerability from cvelistv5
Published
2019-10-24 15:51
Modified
2024-08-05 01:47
Severity ?
EPSS score ?
Summary
A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory; directory permissions restrict that by default.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:13.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.teamviewer.com/t5/Announcements/Security-bulletin-CVE-2019-18196/td-p/74564"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://safebreach.com/Post/TeamViewer-Windows-Client-v11-to-v14-DLL-Preloading-and-Potential-Abuses-CVE-2019-18196"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory; directory permissions restrict that by default."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-18T15:37:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.teamviewer.com/t5/Announcements/Security-bulletin-CVE-2019-18196/td-p/74564"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://safebreach.com/Post/TeamViewer-Windows-Client-v11-to-v14-DLL-Preloading-and-Potential-Abuses-CVE-2019-18196"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory; directory permissions restrict that by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.teamviewer.com/t5/Announcements/Security-bulletin-CVE-2019-18196/td-p/74564",
"refsource": "CONFIRM",
"url": "https://community.teamviewer.com/t5/Announcements/Security-bulletin-CVE-2019-18196/td-p/74564"
},
{
"name": "https://safebreach.com/Post/TeamViewer-Windows-Client-v11-to-v14-DLL-Preloading-and-Potential-Abuses-CVE-2019-18196",
"refsource": "MISC",
"url": "https://safebreach.com/Post/TeamViewer-Windows-Client-v11-to-v14-DLL-Preloading-and-Potential-Abuses-CVE-2019-18196"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18196",
"datePublished": "2019-10-24T15:51:29",
"dateReserved": "2019-10-18T00:00:00",
"dateUpdated": "2024-08-05T01:47:13.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3128
Vulnerability from cvelistv5
Published
2010-08-26 18:00
Modified
2024-08-07 02:55
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/41112 | third-party-advisory, x_refsource_SECUNIA | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.exploit-db.com/exploits/14734 | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/archive/1/513317/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2010/2174 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41112",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41112"
},
{
"name": "oval:org.mitre.oval:def:6773",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773"
},
{
"name": "14734",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/14734"
},
{
"name": "20100825 TeamViewer \u003c= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/513317/100/0/threaded"
},
{
"name": "ADV-2010-2174",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2174"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "41112",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41112"
},
{
"name": "oval:org.mitre.oval:def:6773",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773"
},
{
"name": "14734",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/14734"
},
{
"name": "20100825 TeamViewer \u003c= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/513317/100/0/threaded"
},
{
"name": "ADV-2010-2174",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2174"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41112",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41112"
},
{
"name": "oval:org.mitre.oval:def:6773",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773"
},
{
"name": "14734",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14734"
},
{
"name": "20100825 TeamViewer \u003c= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513317/100/0/threaded"
},
{
"name": "ADV-2010-2174",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2174"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3128",
"datePublished": "2010-08-26T18:00:00",
"dateReserved": "2010-08-26T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-16550
Vulnerability from cvelistv5
Published
2018-09-05 22:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN.
References
| ▼ | URL | Tags |
|---|---|---|
| https://twitter.com/vah_13/status/1036894081350291457 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/vah_13/status/1036894081350291457"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the \"Cancel\" step, which makes it easier to determine the correct value of the default 4-digit PIN."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-05T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/vah_13/status/1036894081350291457"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the \"Cancel\" step, which makes it easier to determine the correct value of the default 4-digit PIN."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://twitter.com/vah_13/status/1036894081350291457",
"refsource": "MISC",
"url": "https://twitter.com/vah_13/status/1036894081350291457"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16550",
"datePublished": "2018-09-05T22:00:00",
"dateReserved": "2018-09-05T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23242
Vulnerability from cvelistv5
Published
2022-03-23 15:18
Modified
2024-09-16 16:12
Severity ?
EPSS score ?
Summary
TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TeamViewer | TeamViewer for Linux |
Version: 15.27 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Linux"
],
"product": "TeamViewer for Linux",
"vendor": "TeamViewer",
"versions": [
{
"lessThanOrEqual": "15.27",
"status": "affected",
"version": "15.27",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "N/A",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-23T15:18:25",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/"
}
],
"source": {
"advisory": "TV-2022-1001",
"discovery": "UNKNOWN"
},
"title": "TeamViewer Linux - Deletion command not properly executed after process crash",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@teamviewer.com",
"DATE_PUBLIC": "2022-03-22T15:01:00.000Z",
"ID": "CVE-2022-23242",
"STATE": "PUBLIC",
"TITLE": "TeamViewer Linux - Deletion command not properly executed after process crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TeamViewer for Linux",
"version": {
"version_data": [
{
"platform": "Linux",
"version_affected": "\u003c=",
"version_name": "15.27",
"version_value": "15.27"
}
]
}
}
]
},
"vendor_name": "TeamViewer"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "N/A"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/",
"refsource": "MISC",
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001/"
}
]
},
"source": {
"advisory": "TV-2022-1001",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2022-23242",
"datePublished": "2022-03-23T15:18:25.048063Z",
"dateReserved": "2022-01-14T00:00:00",
"dateUpdated": "2024-09-16T16:12:44.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34803
Vulnerability from cvelistv5
Published
2021-06-16 14:46
Modified
2024-08-04 00:26
Severity ?
EPSS score ?
Summary
TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:26:53.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/111154/windows-v14-7-48644"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/111153/windows-v14-2-56678"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/111152/windows-v13-2-36222"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/111151/windows-v12-0-259142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/111150/windows-v11-0-259143"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/111149/windows-v10-0-259144"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/111147/windows-v9-0-259145"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-26T16:20:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/111154/windows-v14-7-48644"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/111153/windows-v14-2-56678"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/111152/windows-v13-2-36222"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/111151/windows-v12-0-259142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/111150/windows-v11-0-259143"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/111149/windows-v10-0-259144"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/111147/windows-v9-0-259145"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-34803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.teamviewer.com/English/discussion/111154/windows-v14-7-48644",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/111154/windows-v14-7-48644"
},
{
"name": "https://community.teamviewer.com/English/discussion/111153/windows-v14-2-56678",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/111153/windows-v14-2-56678"
},
{
"name": "https://community.teamviewer.com/English/discussion/111152/windows-v13-2-36222",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/111152/windows-v13-2-36222"
},
{
"name": "https://community.teamviewer.com/English/discussion/111151/windows-v12-0-259142",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/111151/windows-v12-0-259142"
},
{
"name": "https://community.teamviewer.com/English/discussion/111150/windows-v11-0-259143",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/111150/windows-v11-0-259143"
},
{
"name": "https://community.teamviewer.com/English/discussion/111149/windows-v10-0-259144",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/111149/windows-v10-0-259144"
},
{
"name": "https://community.teamviewer.com/English/discussion/111147/windows-v9-0-259145",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/111147/windows-v9-0-259145"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-34803",
"datePublished": "2021-06-16T14:46:39",
"dateReserved": "2021-06-16T00:00:00",
"dateUpdated": "2024-08-04T00:26:53.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11769
Vulnerability from cvelistv5
Published
2019-09-11 19:44
Modified
2024-08-04 23:03
Severity ?
EPSS score ?
Summary
An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label&labels=Security | x_refsource_MISC | |
| https://blog.to.com/advisory-teamviewer-cve-2019-11769-2/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label\u0026labels=Security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.to.com/advisory-teamviewer-cve-2019-11769-2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-11T19:44:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label\u0026labels=Security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.to.com/advisory-teamviewer-cve-2019-11769-2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label\u0026labels=Security",
"refsource": "MISC",
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label\u0026labels=Security"
},
{
"name": "https://blog.to.com/advisory-teamviewer-cve-2019-11769-2/",
"refsource": "MISC",
"url": "https://blog.to.com/advisory-teamviewer-cve-2019-11769-2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11769",
"datePublished": "2019-09-11T19:44:17",
"dateReserved": "2019-05-06T00:00:00",
"dateUpdated": "2024-08-04T23:03:32.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-18988
Vulnerability from cvelistv5
Published
2020-02-07 15:09
Modified
2025-02-04 20:33
Severity ?
EPSS score ?
Summary
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?threadtype=label&labels=Security | x_refsource_MISC | |
| https://whynotsecurity.com/blog/teamviewer/ | x_refsource_MISC | |
| https://twitter.com/Blurbdust/status/1224212682594770946?s=20 | x_refsource_MISC | |
| https://community.teamviewer.com/t5/Announcements/Specification-on-CVE-2019-18988/td-p/82264 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?threadtype=label\u0026labels=Security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://whynotsecurity.com/blog/teamviewer/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/Blurbdust/status/1224212682594770946?s=20"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/t5/Announcements/Specification-on-CVE-2019-18988/td-p/82264"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-18988",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T20:33:26.822954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2019-18988"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-521",
"description": "CWE-521 Weak Password Requirements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T20:33:31.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers\u0027 installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-07T15:09:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?threadtype=label\u0026labels=Security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://whynotsecurity.com/blog/teamviewer/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/Blurbdust/status/1224212682594770946?s=20"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/t5/Announcements/Specification-on-CVE-2019-18988/td-p/82264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers\u0027 installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?threadtype=label\u0026labels=Security",
"refsource": "MISC",
"url": "https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?threadtype=label\u0026labels=Security"
},
{
"name": "https://whynotsecurity.com/blog/teamviewer/",
"refsource": "MISC",
"url": "https://whynotsecurity.com/blog/teamviewer/"
},
{
"name": "https://twitter.com/Blurbdust/status/1224212682594770946?s=20",
"refsource": "MISC",
"url": "https://twitter.com/Blurbdust/status/1224212682594770946?s=20"
},
{
"name": "https://community.teamviewer.com/t5/Announcements/Specification-on-CVE-2019-18988/td-p/82264",
"refsource": "MISC",
"url": "https://community.teamviewer.com/t5/Announcements/Specification-on-CVE-2019-18988/td-p/82264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18988",
"datePublished": "2020-02-07T15:09:36.000Z",
"dateReserved": "2019-11-15T00:00:00.000Z",
"dateUpdated": "2025-02-04T20:33:31.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34859
Vulnerability from cvelistv5
Published
2021-10-25 17:10
Modified
2024-08-04 00:26
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13697.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-21-1003/ | x_refsource_MISC | |
| https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TeamViewer | TeamViewer |
Version: 15.16.8.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:26:54.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1003/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TeamViewer",
"vendor": "TeamViewer",
"versions": [
{
"status": "affected",
"version": "15.16.8.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13697."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T17:10:44",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1003/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2021-34859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TeamViewer",
"version": {
"version_data": [
{
"version_value": "15.16.8.0"
}
]
}
}
]
},
"vendor_name": "TeamViewer"
}
]
}
},
"credit": "Mat Powell of Trend Micro Zero Day Initiative",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13697."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1003/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1003/"
},
{
"name": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1",
"refsource": "MISC",
"url": "https://community.teamviewer.com/English/discussion/117794/august-updates-security-patches/p1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-34859",
"datePublished": "2021-10-25T17:10:44",
"dateReserved": "2021-06-17T00:00:00",
"dateUpdated": "2024-08-04T00:26:54.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201911-1039
Vulnerability from variot
In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit. Omron CX-Supervisor and Teamviewer Has unspecified vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of OMRON CX-Supervisor. The issue results from the use of an outdated version of Teamviewer containing known vulnerabilities. An attacker can leverage this vulnerability to execute code in the context of the current process. Omron CX-Supervisor is a visual machine controller from Japan's Omron.
CX-Supervisor has an unknown vulnerability, which can be used by an attacker to cause information leakage, comprehensive damage to the system, and denial of service. TeamViewer is a set of software for remote control, desktop sharing and file transfer of German TeamViewer company
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "teamviewer",
"scope": "eq",
"trust": 1.0,
"vendor": "teamviewer",
"version": "5.0.8703_qs"
},
{
"_id": null,
"model": "cx-supervisor",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "3.5\\(12\\)"
},
{
"_id": null,
"model": "teamviewer",
"scope": "eq",
"trust": 0.8,
"vendor": "teamviewer",
"version": "5.0.8703 qs"
},
{
"_id": null,
"model": "cx-supervisor",
"scope": "lte",
"trust": 0.8,
"vendor": "omron",
"version": "3.5 (12)"
},
{
"_id": null,
"model": "cx-supervisor",
"scope": null,
"trust": 0.7,
"vendor": "omron",
"version": null
},
{
"_id": null,
"model": "cx-supervisor",
"scope": "lte",
"trust": 0.6,
"vendor": "omron",
"version": "\u003c=3.5(12)"
},
{
"_id": null,
"model": null,
"scope": "lte",
"trust": 0.2,
"vendor": "cx supervisor",
"version": "\u003c=3.5(12)"
}
],
"sources": [
{
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929"
},
{
"db": "ZDI",
"id": "ZDI-19-997"
},
{
"db": "CNVD",
"id": "CNVD-2019-42429"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012792"
},
{
"db": "NVD",
"id": "CVE-2019-18251"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:teamviewer:teamviewer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:omron:cx-supervisor",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012792"
}
]
},
"credits": {
"_id": null,
"data": "Michael DePlante",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-997"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-999"
}
],
"trust": 1.3
},
"cve": "CVE-2019-18251",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-18251",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-42429",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "72b943a0-4d32-4f39-8090-625814291929",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-150579",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-18251",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-18251",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-18251",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "REQUIRED",
"vectorString": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-18251",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-18251",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2019-18251",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-42429",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-999",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-150579",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-18251",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929"
},
{
"db": "ZDI",
"id": "ZDI-19-997"
},
{
"db": "CNVD",
"id": "CNVD-2019-42429"
},
{
"db": "VULHUB",
"id": "VHN-150579"
},
{
"db": "VULMON",
"id": "CVE-2019-18251"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012792"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-999"
},
{
"db": "NVD",
"id": "CVE-2019-18251"
}
]
},
"description": {
"_id": null,
"data": "In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit. Omron CX-Supervisor and Teamviewer Has unspecified vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of OMRON CX-Supervisor. The issue results from the use of an outdated version of Teamviewer containing known vulnerabilities. An attacker can leverage this vulnerability to execute code in the context of the current process. Omron CX-Supervisor is a visual machine controller from Japan\u0027s Omron. \n\nCX-Supervisor has an unknown vulnerability, which can be used by an attacker to cause information leakage, comprehensive damage to the system, and denial of service. TeamViewer is a set of software for remote control, desktop sharing and file transfer of German TeamViewer company",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-18251"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012792"
},
{
"db": "ZDI",
"id": "ZDI-19-997"
},
{
"db": "CNVD",
"id": "CNVD-2019-42429"
},
{
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929"
},
{
"db": "VULHUB",
"id": "VHN-150579"
},
{
"db": "VULMON",
"id": "CVE-2019-18251"
}
],
"trust": 3.15
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2019-18251",
"trust": 4.1
},
{
"db": "ZDI",
"id": "ZDI-19-997",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-19-318-04",
"trust": 3.2
},
{
"db": "CNNVD",
"id": "CNNVD-201911-999",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-42429",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012792",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-9313",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.4729",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4314",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47528",
"trust": 0.6
},
{
"db": "IVD",
"id": "72B943A0-4D32-4F39-8090-625814291929",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-150579",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-18251",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929"
},
{
"db": "ZDI",
"id": "ZDI-19-997"
},
{
"db": "CNVD",
"id": "CNVD-2019-42429"
},
{
"db": "VULHUB",
"id": "VHN-150579"
},
{
"db": "VULMON",
"id": "CVE-2019-18251"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012792"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-999"
},
{
"db": "NVD",
"id": "CVE-2019-18251"
}
]
},
"id": "VAR-201911-1039",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929"
},
{
"db": "CNVD",
"id": "CNVD-2019-42429"
},
{
"db": "VULHUB",
"id": "VHN-150579"
}
],
"trust": 1.4707547
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929"
},
{
"db": "CNVD",
"id": "CNVD-2019-42429"
}
]
},
"last_update_date": "2024-11-23T22:33:39.414000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.fa.omron.co.jp/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": " https://www.teamviewer.com/ja/ "
},
{
"title": "Omron has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-04"
},
{
"title": "Patch for Omron CX-Supervisor has an unknown vulnerability (CNVD-2019-42429)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/192107"
},
{
"title": "Omron CX-Supervisor Teamviewer Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103868"
},
{
"title": "nvd_scrapper",
"trust": 0.1,
"url": "https://github.com/abhav/nvd_scrapper "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-997"
},
{
"db": "CNVD",
"id": "CNVD-2019-42429"
},
{
"db": "VULMON",
"id": "CVE-2019-18251"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012792"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-999"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-477",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-18251"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.9,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-04"
},
{
"trust": 2.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-997/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18251"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-18251"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4729/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47528"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4314/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171553"
},
{
"trust": 0.1,
"url": "https://github.com/abhav/nvd_scrapper"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-997"
},
{
"db": "CNVD",
"id": "CNVD-2019-42429"
},
{
"db": "VULHUB",
"id": "VHN-150579"
},
{
"db": "VULMON",
"id": "CVE-2019-18251"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012792"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-999"
},
{
"db": "NVD",
"id": "CVE-2019-18251"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-19-997",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2019-42429",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-150579",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2019-18251",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012792",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201911-999",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2019-18251",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2019-11-27T00:00:00",
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929",
"ident": null
},
{
"date": "2019-12-09T00:00:00",
"db": "ZDI",
"id": "ZDI-19-997",
"ident": null
},
{
"date": "2019-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-42429",
"ident": null
},
{
"date": "2019-11-26T00:00:00",
"db": "VULHUB",
"id": "VHN-150579",
"ident": null
},
{
"date": "2019-11-26T00:00:00",
"db": "VULMON",
"id": "CVE-2019-18251",
"ident": null
},
{
"date": "2019-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012792",
"ident": null
},
{
"date": "2019-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-999",
"ident": null
},
{
"date": "2019-11-26T00:15:11.857000",
"db": "NVD",
"id": "CVE-2019-18251",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2019-12-09T00:00:00",
"db": "ZDI",
"id": "ZDI-19-997",
"ident": null
},
{
"date": "2019-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-42429",
"ident": null
},
{
"date": "2019-12-11T00:00:00",
"db": "VULHUB",
"id": "VHN-150579",
"ident": null
},
{
"date": "2019-12-11T00:00:00",
"db": "VULMON",
"id": "CVE-2019-18251",
"ident": null
},
{
"date": "2019-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012792",
"ident": null
},
{
"date": "2020-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-999",
"ident": null
},
{
"date": "2024-11-21T04:32:55.383000",
"db": "NVD",
"id": "CVE-2019-18251",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-999"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Omron CX-Supervisor and Teamviewer Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012792"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "IVD",
"id": "72b943a0-4d32-4f39-8090-625814291929"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-999"
}
],
"trust": 0.8
}
}