Improper Authorization in TeamViewer Remote for Windows and macOS
CVE-2023-0837

5.5MEDIUM

Key Information:

Vendor: TeamViewer
Status: Remote
Vendor: CVE Published:; 14 June 2023

What is CVE-2023-0837?

An improper authorization check in TeamViewer Remote for Windows and macOS, specifically in versions 15.41 through 15.42.7, enables unprivileged users to alter essential local device settings that were intended to remain locked. This vulnerability can lead to unauthorized changes in the system configuration, potentially compromising user settings and overall system integrity.

Affected Version(s)

Remote Windows 15.41 <= 15.42.7

References

https://www.teamviewer.com/en/trust-center/security-bulle...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 14, 2023
Vulnerability Reserved
Feb 15, 2023