CVE-2023-0837

EPSS 0.05%
Veröffentlicht 14.06.2023 08:15:08
Zuletzt bearbeitet 21.11.2024 07:37:55
Quelle psirt@teamviewer.com
Teams Watchlist Login
Unerledigt Login

An improper  authorization check of local device settings in TeamViewer Remote between version 15.41 and 15.42.7 for Windows and macOS allows an unprivileged user to change basic local device settings even though the options were locked. This can result in unwanted changes to the configuration.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Teamviewer ≫ Remote Version >= 15.41 < 15.42.8

Apple ≫ macOS Version-
Microsoft ≫ Windows Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.165

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
psirt@teamviewer.com	6.6	1.3	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

CWE-285 Improper Authorization

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2023-1001/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-0837

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-0837

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-0837

EUVD