CVE-2019-11769
published 2019-09-11CVE-2019-11769: An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI…
PriorityP338high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.44%
35.1th percentile
An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| teamviewer | teamviewer | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-phx3-9j7m-hxph: An issue was discovered in TeamViewer 14
ghsa_unreviewed·2022-05-24
CVE-2019-11769 [HIGH] CWE-522 GHSA-phx3-9j7m-hxph: An issue was discovered in TeamViewer 14
An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials.
CISA ICS
Omron CX-Supervisor
cisa_ics·2019-11-06·CVSS 9.3
[CRITICAL] Omron CX-Supervisor
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Omron CX-Supervisor
Last RevisedNovember 06, 2019
Alert CodeICSA-19-309-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Omron
- Equipment: CX-Supervisor
- Vulnerability: Use of Obsolete Function
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could result in information disclosure, total compromise of the system, and system unavailability.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of both ‘Full Development’ and ‘Runtime Only’ packages of Omron’s SCADA and HM
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://blog.to.com/advisory-teamviewer-cve-2019-11769-2/https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label&labels=Securityhttps://blog.to.com/advisory-teamviewer-cve-2019-11769-2/https://community.teamviewer.com/t5/Knowledge-Base/tkb-p/Knowledgebase?type=label&labels=Security
2019-09-11
Published