[Solved] TeamViewer - Securuty Issue

OLLI_S · 23 Jul 2018, 20:08

I read in the c't magazine that there is an security issue (passwords are stored in clear text in memory).
https://www.heise.de/security/meldung/TeamViewer-reagiert-auf-Passwort-Leck-4118201.html

The CVE-Number is: CVE-2018-143333

Tom · 24 Jul 2018, 10:44

Thank you.
However, as I understand it, then the password is only exposed in the context in which TeamViewer is running, this means that an attacker needs to run code on your system or exploit another vulnerability, that expose the memory.
Of course, passwords shouldn't be kept in the clear, but by itself, it doesn't sound like a vulnerability.
That said, then I do miss better information from TeamViewer about the past reports about security issues in their product and an updated changelog (with clear information about security fixes).

OLLI_S · 24 Jul 2018, 11:06

In the article there is a link to the original issue and there TV estimated the issue as low.
Their solution is to keep it for just 5 minutes.

OLLI_S · 15 Dec 2018, 15:56

For me the issue is solved.