CVE-2024-2451 (GCVE-0-2024-2451)
Vulnerability from cvelistv5 – Published: 2024-05-28 14:27 – Updated: 2024-08-01 19:11
Title
Improper fingerprint validation in the TeamViewer Client
Summary
Improper fingerprint validation in the TeamViewer Client (Full & Host) prior to version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.
Severity
6.4 (Medium), CVSS v3.1
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
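| Vendor | Product | Platform | Version |
|---|---|---|---|
| TeamViewer | Remote (Full Client) | Windows | Affected: 15.48, < 15.54 (custom) |
| TeamViewer | Remote (Host) | Windows | Affected: 15.48, < 15.54 (custom) |
| TeamViewer | Remote (Full Client) | macOS | Affected: 15.51, < 15.54 (custom) |
| TeamViewer | Remote (Host) | macOS | Affected: 15.51, < 15.54 (custom) |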
Credits
Maximilian Barz
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:remote:15.48:*:*:*:*:*:*:*",
"cpe:2.3:a:teamviewer:remote:15.51:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "remote",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.54",
"status": "affected",
"version": "15.48",
"versionType": "custom"
},
{
"lessThan": "15.54",
"status": "affected",
"version": "15.51",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:18:24.894767Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-24T17:59:43.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote (Full Client)",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.54",
"status": "affected",
"version": "15.48",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote (Host)",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.54",
"status": "affected",
"version": "15.48",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Remote (Full Client)",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.54",
"status": "affected",
"version": "15.51",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Remote (Host)",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.54",
"status": "affected",
"version": "15.51",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maximilian Barz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper fingerprint validation in the TeamViewer Client (Full \u0026amp; Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading."
}
],
"value": "Improper fingerprint validation in the TeamViewer Client (Full \u0026 Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-28T14:27:25.918Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version (15.54 or higher)"
}
],
"value": "Update to the latest version (15.54 or higher)"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper fingerprint validation in the TeamViewer Client",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-2451",
"datePublished": "2024-05-28T14:27:25.918Z",
"dateReserved": "2024-03-14T13:47:04.908Z",
"dateUpdated": "2024-08-01T19:11:53.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Improper fingerprint validation in the TeamViewer Client (Full \u0026 Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.\"}, {\"lang\": \"es\", \"value\": \"La validaci\\u00f3n inadecuada de huellas dactilares en TeamViewer Client (Full \u0026amp; Host) anterior a la versi\\u00f3n 15.54 para Windows y macOS permite a un atacante con derechos de usuario administrativo elevar a\\u00fan m\\u00e1s los privilegios mediante la descarga de archivos ejecutables.\"}]",
"id": "CVE-2024-2451",
"lastModified": "2024-11-21T09:09:46.897",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@teamviewer.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.5, \"impactScore\": 5.9}]}",
"published": "2024-05-28T15:15:09.163",
"references": "[{\"url\": \"https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/\", \"source\": \"psirt@teamviewer.com\"}, {\"url\": \"https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "psirt@teamviewer.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"psirt@teamviewer.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-347\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-2451\",\"sourceIdentifier\":\"psirt@teamviewer.com\",\"published\":\"2024-05-28T15:15:09.163\",\"lastModified\":\"2024-11-21T09:09:46.897\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper fingerprint validation in the TeamViewer Client (Full \u0026 Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.\"},{\"lang\":\"es\",\"value\":\"La validaci\u00f3n inadecuada de huellas dactilares en TeamViewer Client (Full \u0026amp; Host) anterior a la versi\u00f3n 15.54 para Windows y macOS permite a un atacante con derechos de usuario administrativo elevar a\u00fan m\u00e1s los privilegios mediante la descarga de archivos ejecutables.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@teamviewer.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@teamviewer.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"references\":[{\"url\":\"https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/\",\"source\":\"psirt@teamviewer.com\"},{\"url\":\"https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T19:11:53.533Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-2451\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-28T16:18:24.894767Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:teamviewer:remote:15.48:*:*:*:*:*:*:*\", \"cpe:2.3:a:teamviewer:remote:15.51:*:*:*:*:*:*:*\"], \"vendor\": \"teamviewer\", \"product\": \"remote\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.48\", \"lessThan\": \"15.54\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"15.51\", \"lessThan\": \"15.54\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-28T16:22:48.370Z\"}}], \"cna\": {\"title\": \"Improper fingerprint validation in the TeamViewer Client\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Maximilian Barz\"}], \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", 
\"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"TeamViewer\", \"product\": \"Remote (Full Client)\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.48\", \"lessThan\": \"15.54\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"TeamViewer\", \"product\": \"Remote (Host)\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.48\", \"lessThan\": \"15.54\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"TeamViewer\", \"product\": \"Remote (Full Client)\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.51\", \"lessThan\": \"15.54\", \"versionType\": \"custom\"}], \"platforms\": [\"MacOS\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"TeamViewer\", \"product\": \"Remote (Host)\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.51\", \"lessThan\": \"15.54\", \"versionType\": \"custom\"}], \"platforms\": [\"MacOS\"], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update to the latest version (15.54 or higher)\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Update to the latest version (15.54 or higher)\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper fingerprint validation in the TeamViewer Client (Full \u0026 Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper fingerprint validation in the TeamViewer Client (Full 
\u0026amp; Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-347\", \"description\": \"CWE-347 Improper Verification of Cryptographic Signature\"}]}], \"providerMetadata\": {\"orgId\": \"13430f76-86eb-43b2-a71c-82c956ef31b6\", \"shortName\": \"TV\", \"dateUpdated\": \"2024-05-28T14:27:25.918Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-2451\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T19:11:53.533Z\", \"dateReserved\": \"2024-03-14T13:47:04.908Z\", \"assignerOrgId\": \"13430f76-86eb-43b2-a71c-82c956ef31b6\", \"datePublished\": \"2024-05-28T14:27:25.918Z\", \"assignerShortName\": \"TV\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.