Lucene search

TVCVE-2024-6053

HistoryAug 28, 2024 - 5:15 p.m.

CVE-2024-6053

2024-08-2817:15:11

CWE-359

web.nvd.nist.gov

cve

teamviewer

access control

clipboard synchronization

unintentional sharing

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

Percentile

9.6%

JSON

Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.

Affected configurations

Nvd

Node

teamviewermeetingRange<15.44.7android

teamviewermeetingRange<15.55.3macos

teamviewermeetingRange<15.55.3windows

teamviewermeetingRange<15.57iphone_os

Node

teamviewerteamviewerRange<15.57.3

AND

applemacosMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

VendorProductVersionCPE
teamviewermeeting*cpe:2.3:a:teamviewer:meeting:*:*:*:*:*:android:*:*
teamviewermeeting*cpe:2.3:a:teamviewer:meeting:*:*:*:*:*:macos:*:*
teamviewermeeting*cpe:2.3:a:teamviewer:meeting:*:*:*:*:*:windows:*:*
teamviewermeeting*cpe:2.3:a:teamviewer:meeting:*:*:*:*:*:iphone_os:*:*
teamviewerteamviewer*cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*
applemacos-cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
teamviewer	meeting	*	cpe:2.3:a:teamviewer:meeting::::::android::*
teamviewer	meeting	*	cpe:2.3:a:teamviewer:meeting::::::macos::*
teamviewer	meeting	*	cpe:2.3:a:teamviewer:meeting::::::windows::*
teamviewer	meeting	*	cpe:2.3:a:teamviewer:meeting::::::iphone_os::*
teamviewer	teamviewer	*	cpe:2.3:a:teamviewer:teamviewer::::::::
apple	macos	-	cpe:2.3:o:apple:macos:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "MacOS"
    ],
    "product": "Meeting",
    "vendor": "TeamViewer",
    "versions": [
      {
        "lessThan": "15.55.3",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Android"
    ],
    "product": "Meeting",
    "vendor": "TeamViewer",
    "versions": [
      {
        "lessThan": "15.44.7",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "iOS"
    ],
    "product": "Meeting",
    "vendor": "TeamViewer",
    "versions": [
      {
        "lessThan": "15.57",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows",
      "Linux",
      "MacOS"
    ],
    "product": "Remote Full Client",
    "vendor": "TeamViewer",
    "versions": [
      {
        "lessThan": "15.57.3",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1007/

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

4.6

Confidence

High

EPSS

Percentile

9.6%

JSON

Related for CVE-2024-6053