Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

TeamViewer DLL side loading Vulnerability - Oct19 (Windows)

Severity

Medium

Family

General

CVSSv2 Base

5.0

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Vendor Patch

Created

4 years ago

Modified

4 years ago

The host is installed with TeamViewer Premium is prone to a dll-side-loading vulnerability.

Insight

A DLL side loading vulnerability in the Windows Service in TeamViewer on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory, directory permissions restrict that by default.

Affected Software

TeamViewer versions through 11.0.133222, 12.0.181268, 13.2.36215 and 14.6.4835 on Windows.

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Update to TeamViewer version 11.0.214397, 12.0.214399, 13.2.36216, 14.7.1965 or later.

Common Vulnerabilities and Exposures (CVE)

CVE-2019-18196

References

https://community.teamviewer.com/t5/Announcements/Security-bulletin-CV

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

TeamViewer DLL side loading Vulnerability - Oct19 (Windows)

Information

Severity

Severity

Family

Family

CVSSv2 Base

CVSSv2 Base

CVSSv2 Vector

CVSSv2 Vector

Solution Type

Solution Type

Created

Created

Modified

Modified

Share

Summary

Insight

Insight

Affected Software

Affected Software

Detection Method

Detection Method

Solution

Solution

Common Vulnerabilities and Exposures (CVE)

References