Lucene search

[email protected]CVE-2023-0837

HistoryJun 14, 2023 - 8:15 a.m.

CVE-2023-0837

2023-06-1408:15:08

CWE-285

[email protected]

web.nvd.nist.gov

cve-2023-0837

teamviewer

remote

authorization check

windows

macos

configuration

nvd

6.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

5.4 Medium

AI Score

Confidence

High

JSON

An improper authorization check of local device settings in TeamViewer Remote between version 15.41 and 15.42.7 for Windows and macOS allows an unprivileged user to change basic local device settings even though the options were locked. This can result in unwanted changes to the configuration.

CPE configuration

NVD

teamviewerremoteRange15.41–15.42.8

AND

applemacosMatch-

microsoftwindowsMatch-

CPENameOperatorVersion
teamviewer:remoteteamviewer remotelt15.42.8

CPE	Name	Operator	Version
teamviewer:remote	teamviewer remote	lt	15.42.8

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS"
    ],
    "product": "Remote",
    "vendor": "TeamViewer",
    "versions": [
      {
        "lessThanOrEqual": "15.42.7",
        "status": "affected",
        "version": "15.41",
        "versionType": "custom"
      }
    ]
  }
]

References

www.teamviewer.com/en/trust-center/security-bulletins/tv-2023-1001/

6.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

5.4 Medium

AI Score

Confidence

High

JSON

Related for CVE-2023-0837

prion1 cvelist1 nvd1