SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Login

    [Solved] TeamViewer - Securuty Issue

    Scheduled Pinned Locked Moved
    Solved Detection Issues
    security
    2
    4
    1.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • OLLI_SO
      OLLI_S Community Moderator
      last edited by OLLI_S

      I read in the c't magazine that there is an security issue (passwords are stored in clear text in memory).
      https://www.heise.de/security/meldung/TeamViewer-reagiert-auf-Passwort-Leck-4118201.html

      The CVE-Number is: CVE-2018-143333

      1 Reply Last reply Reply Quote 0
      • T
        Tom VulnDetect Team Member
        last edited by

        Thank you.
        However, as I understand it, then the password is only exposed in the context in which TeamViewer is running, this means that an attacker needs to run code on your system or exploit another vulnerability, that expose the memory.
        Of course, passwords shouldn't be kept in the clear, but by itself, it doesn't sound like a vulnerability.
        That said, then I do miss better information from TeamViewer about the past reports about security issues in their product and an updated changelog (with clear information about security fixes).

        /Tom
        Download the latest SecTeer VulnDetect agent here:
        https://vulndetect.com/dl/secteerSetup.exe

        1 Reply Last reply Reply Quote 0
        • OLLI_SO
          OLLI_S Community Moderator
          last edited by

          In the article there is a link to the original issue and there TV estimated the issue as low.
          Their solution is to keep it for just 5 minutes.

          1 Reply Last reply Reply Quote 0
          • OLLI_SO
            OLLI_S Community Moderator
            last edited by

            For me the issue is solved.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

            Please see our Privacy and Data Processing Policy
            Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
            Forum software by NodeBB