CVE | Published | Severity | Details | Exploitability | Impact | Vector |
CVE‑2024‑6053 | 2024‑08‑28 17:15:11 | MEDIUM (4) | Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting. | 3 | 1 | NETWORK |
CVE‑2022‑23242 | 2022‑03‑23 16:15:08 | MEDIUM (4) | TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password. | 1 | 4 | LOCAL |
CVE‑2021‑35005 | 2022‑01‑24 18:15:08 | LOW (3) | This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated array. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-13818. | 2 | 1 | LOCAL |
CVE‑2021‑34859 | 2021‑10‑25 17:15:08 | HIGH (9) | This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13697. | 3 | 6 | NETWORK |
CVE‑2021‑34858 | 2022‑01‑13 22:15:09 | HIGH (8) | This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TVS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13606. | 2 | 6 | LOCAL |
CVE‑2021‑34803 | 2021‑06‑16 15:15:09 | HIGH (8) | TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations. | 2 | 6 | LOCAL |
CVE‑2020‑13699 | 2020‑07‑29 16:15:12 | HIGH (9) | TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3. | 3 | 6 | NETWORK |
CVE‑2019‑19362 | 2019‑12‑02 03:15:11 | MEDIUM (7) | An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges. | 3 | 4 | NETWORK |
CVE‑2019‑18988 | 2020‑02‑07 16:15:10 | HIGH (7) | TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system. | 1 | 6 | LOCAL |
CVE‑2019‑18251 | 2019‑11‑26 00:15:12 | HIGH (9) | In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit. | 3 | 6 | NETWORK |
CVE‑2019‑18196 | 2019‑10‑24 16:15:20 | MEDIUM (7) | A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory; directory permissions restrict that by default. | 1 | 6 | LOCAL |
CVE‑2019‑11769 | 2019‑09‑11 20:15:10 | HIGH (8) | An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same non-administrative user context to intercept them in cleartext within process memory. By using this technique, a local attacker is able to obtain administrative credentials in order to elevate privileges. This vulnerability can be exploited by injecting code into Teamviewer.exe which intercepts calls to GetWindowTextW and logs the processed credentials. | 2 | 6 | LOCAL |
CVE‑2018‑16550 | 2018‑09‑05 22:29:00 | MEDIUM (5) | TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN. | 0 | 0 | NETWORK |
CVE‑2018‑14333 | 2018‑07‑17 02:29:00 | MEDIUM (4) | TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between "[00 88] and "[00 00 00]" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has disconnected but remains running. | 0 | 0 | NETWORK |
CVE‑2010‑3128 | 2010‑08‑26 18:36:36 | HIGH (9) | Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file. | 0 | 0 | NETWORK |
Patch more applications, achieve compliance, and prevent problems while reducing stress with Lavawall®.
A security tool by security auditors. From Passkeys and Argon2i to source validation and MVSP principles, Lavawall® has you covered.
More features and more security added nearly every day.
While Ninite and other patching tools have had the same patch offerings for decades, we're monitoring stats to keep adding the most useful programs (currently over 7,463)!
From wrapping TLS communications in extra encryption and uninstalling remote support tools when they aren't used to detailed statistical analysis of system and network performance, Lavawall® goes in-depth.
Lavawall® goes beyond patches and breach detection. We also monitor for risky Chromium extensions and allowed notifications that might be part of a phishing or ransomware attack.
Extend the security features of Cloudflare, Microsoft, Google, Sophos, and other cloud providers to create a Lavawall® of protection
Even if you used breached remote management tools like ScreenConnect through Lavawall® when it was vulnerable, your computers stayed safe because we only install the agent when it needs to be used.
Easily deploy, monitor, and analyze security tools like Huntress, AutoElevate, and Sophos. Magically gain details from ZenDesk, ConnectWise, Datto, Panorama9, Microsoft, and Google.
Get immediate fixes, user notifications, admin notifications -- and even security-certified human level 3 support when our advanced statistical analysis confirms a problem or anomaly.
2024‑12‑02 | 0.12.19.206 | test commit |
2024‑11‑22 | 0.12.18.205 | |
2024‑10‑30 | 0.12.8.195 | Mac update refinements |
2024‑10‑25 | 0.12.3.190 | |
2024‑10‑21 | 0.12.0.187 | Macos implementaiton, linux and windows improvements |
2024‑10‑16 | 0.11.128.186 | Linux stats and system information improvements, improvements for application shutdown |
2024‑09‑12 | 0.11.113.171 | CPU Optimizations and Packages reliability improvements |
2024‑09‑05 | 0.11.106.164 | Phased deployment enhancements |
2024‑09‑04 | 0.11.103.161 | |
2024‑09‑02 | 0.11.102.160 | CPU Optimizations and Packages reliability improvements |
2024‑08‑30 | 0.11.99.157 | CPU Optimizations and Packages reliability improvements |
2024‑08‑29 | 0.11.98.156 | CPU utilization and console event optimization |
2024‑08‑28 | 0.11.97.155 | Reliability to detect unusual updates like redistributables. |
2024‑08‑27 | 0.11.96.154 | |
2024‑08‑26 | 0.11.95.153 | Faster response for reboot requests |
2024‑08‑20 | 0.11.92.150 | Additional package upgrade pre-requisites |
2024‑08‑15 | 0.11.89.147 | |
2024‑08‑06 | 0.11.87.145 | |
2024‑07‑26 | 0.11.83.141 | Add resiliency for MAC duplicates and uptime |
2024‑07‑25 | 0.11.82.140 | Changes to facilitate cross-platform use. Bitlocker and Windows key refinements |
2024‑07‑15 | 0.11.80.138 | Antivirus and temperature added to configuration checks |
2024‑07‑15 | 0.11.79.137 | Add configuration checks for execution policy and secure boot |
2024‑07‑11 | 0.11.77.135 | load balancing refinements |
2024‑07‑10 | 0.11.76.134 | Add additional load balancing and data residency capabilities, add randomness to recurring task timings to decrease server load |
2024‑07‑05 | 0.11.74.132 | changes to graph and residual work on user imporsonation |
2024‑07‑04 | 0.11.73.131 | Add configuration checks for execution policy and secure boot. |
2024‑07‑03 | 0.11.72.130 | Enhanced event log monitoring |
2024‑07‑02 | 0.11.71.129 | Add details to Windows updates, enhanced risk metrics for application patches |
2024‑06‑19 | 0.11.65.123 | Update resiliancy and garbage collection |
2024‑06‑13 | 0.11.60.118 | Enhanced logging |
2024‑06‑12 | 0.11.55.113 | Include the primary drive serial number; MAC addresses for built-in wireless, Bluetooth, and ethernet into the device hash to restore uninstalled and reinstalled devices in cases where the motherboard serial is not unique |
2024‑06‑07 | 0.11.54.112 | Patch and package uninstall data addition |
2024‑06‑05 | 0.11.47.105 | refine per-user registry application listing |
2024‑06‑02 | 0.11.45.103 | uninstall and reinstall refinements, refine local logging, refine self-update and uninstall timing |
2024‑05‑30 | 0.11.21.79 | various bug fixes and improvements |
2024‑05‑28 | 0.11.16.74 | Error logging, registration, and uninstall improvements. |
2024‑05‑24 | 0.11.14.72 | applied changes for devices and login commands, changes for registration as well |
2024‑05‑22 | 0.11.13.71 | Add Windows computer model, improve Operating System parsing |
2024‑05‑21 | 0.11.11.69 | Added additional states for Windows update, flexibility for non-standard program file configurations, support for network diagrams at the switch level, details for Windows editions |
2024‑05‑21 | 0.11.10.68 | Add specific cases for Defender patterns and Composer versions. |
2024‑05‑17 | 0.11.3.61 | Change Log storage location to c:\program files\Lavawall |
2024‑05‑17 | 0.11.1.59 | self-update improvements. |
2024‑05‑16 | 0.8.0.55 | error log reporting and management. |
2024‑05‑15 | 0.7.0.54 | Websocket resiliency improvements |
2024‑05‑09 | 0.6.0.53 | Error log reporting and management. |
2024‑05‑01 | 0.5.44.52 | Even more improvements to scheduler |
2024‑04‑24 | 0.5.41.49 | Install compatibility with Sandbox |
2024‑04‑22 | 0.5.21.29 | Project property changes to enable automated compilation with new features. |
2024‑04‑20 | 0.5.20.28 | Add motherboard serial number and company reassignment |
2024‑04‑11 | 0.5.4.12 | Automate release notes as part of build process |
2024‑05‑20 | 253 | Added cleanup of old .json files during a re-install |
2024‑05‑13 | 252 | Added apt-get update to install |
2024‑05‑06 | 248 | Allow restart to use /var/run/reboot-required if needrestart is not installed |
2024‑04‑22 | 239 | Improve internal update and version tracking |
2024‑04‑15 | 235 | Add support for Yum packages |
2024‑04‑08 | 233 | Align patching with Windows patch reporting |
2024‑04‑02 | 228 | Add support for needrestart |
2024‑03‑04 | 224 | Schedule restarts |
2024‑03‑25 | 221 | Add support for apt packages |
2024‑03‑18 | 212 | Implement release management |
2024‑03‑11 | 202 | Add user login monitoring |
2024‑03‑04 | 189 | Enhance installation reliability |
2024‑02‑26 | 187 | Exapand triggers to identify if the instance needs to be restarted |
2024‑02‑19 | 146 | Improve compatibility for non-AWS instances |
2024‑02‑14 | 138 | Add self-uninstall capabilities |
2024‑02‑12 | 135 | Enhance scheduling flexibility |
2024‑02‑07 | 132 | Add kernel version tracking |
2024‑02‑05 | 124 | Add device hash to cryptographic self-update script validation |
2024‑01‑29 | 107 | Enhance encryption of patch data |
2024‑01‑22 | 98 | Improve how available storage is calculated |
2024‑01‑15 | 97 | Move initial tasks from installation file to sub scripts |
2024‑05‑21 | 91 | Improve multi-distribution compatibility |
2024‑05‑21 | 79 | Improve encryption reliability |
2023‑12‑11 | 68 | Enhance cryptographic validation of new scripts before updating |
2023‑11‑20 | 62 | Add inner layer of AES encryption in case TLS inspection doesn't allow for a secure connection |
2023‑11‑27 | 56 | Additional base cases for resiliancy |
2023‑11‑20 | 54 | Additional headers added to authentication process during installation. |
2023‑11‑20 | 53 | Enhanced key management |
2023‑11‑15 | 51 | Add insecure installation parameter to allow installation in environments with TLS inspection or other machine-in-the-middle situations. |
2023‑11‑06 | 42 | Enhance redundant encryption during installation. |
2023‑10‑30 | 33 | Improve install-over compatibility |
2023‑10‑23 | 18 | Add reboot configuration and scheduling |
2023‑10‑23 | 17 | Add self-updating functionality. |
2023‑10‑16 | 15 | Add Linux patching information for apt |
2023‑10‑09 | 14 | Collect system information |
2023‑10‑09 | 13 | Add Linux distribution information |
2023‑09‑30 | 12 | Add memory monitoring |
2023‑09‑30 | 10 | Add hardware information |
2023‑09‑23 | 9 | Add AWS information |
2023‑09‑23 | 8 | Add customized schedule capability for configuration updates |
2023‑09‑23 | 7 | Add support for package monitoring using package and dpkg logs |
2023‑09‑16 | 6 | Add storage data configuration gathering |
2023‑09‑16 | 5 | Add CPU information |
Lavawall® is under active development with the latest release including:
Monitored Applications
System Metrics
Lavawall® prevents the 80% of breaches and failed audits due to missing patches and updates.
You can reduce application patching delays from 67 days to nearly immediate with the 350+ applications that Lavawall® monitors and patches.