TeamViewer Unicode Password Storage Vulnerability

TeamViewer Unicode Password Storage Vulnerability

CVE-2018-14333 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between "[00 88] and "[00 00 00]" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which TeamViewer has disconnected but remains running.

Learn more about our Web Application Penetration Testing UK.