Low Privileged User Elevation of Privileges Vulnerability in TeamViewer Remote Client
CVE-2024-0819

7.8HIGH

Key Information:

Vendor

Teamviewer

Status
Remote Full Client
Remote Host
Vendor
CVE Published:
27 February 2024

Badges

📰 News Worthy

What is CVE-2024-0819?

A vulnerability exists in the TeamViewer Remote Client prior to version 15.51.5 across Windows, Linux, and macOS platforms that stems from improper initialization of default settings. This flaw allows low privileged users to change the personal password setting, gaining the capability to establish a remote connection to an administrator account that is already logged in. The potential for unauthorized access raises significant security concerns, emphasizing the need for prompt updates to the latest version to mitigate such risks.

Affected Version(s)

Remote Full Client Windows 0 < 15.51.5

Remote Host Windows 0 < 15.51.5

News Articles

favicon imageÇözümPark

TeamViewer Kullanıcıları Dikkat: Kişisel Şifre Güvenlik Açığı (CVE-2024-0819) - ÇözümPark

TeamViewer’da “kişisel şifre” kullanan okuyuculara kısa bir uyarı. Windows istemcisi acilen 15.51.5 sürümüne güncellenmelidir. Üretici, eski yazılım sürümlerinin yalnızca kişisel şifre ayarlarının eksik korumasını sağladığını belirten bir güvenlik bildirimi yayınladı. TeamViewer Uyarısı! TeamViewer,...

References

https://www.teamviewer.com/en/trust-center/security-bulle...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 📰

    First article discovered by ÇözümPark

  • Vulnerability published

  • Vulnerability Reserved

.