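Vulnerability Title
N/A
Vulnerability Description
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. Since v7.0.43148 it has used a shared AES key for all installations, and in the current version of the product it is used at least for the OptionsPasswordAES option. If an attacker knows this key, they can decrypt protected information stored in TeamViewer's files. In versions before v9.x, this let attackers decrypt the Unattended Access password (which allows the attacker to log in to the system and browse files headlessly). The latest version still uses the same key for OptionsPasswordAES but appears to have changed how the Unattended Access password is stored. In most cases the attacker needs an existing session on the system, but if the files are stored somewhere off the machine (such as on a file share or online), the attacker can decrypt the password needed to log in to the system.
CVSS Information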
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Category
N/A
Vulnerability Title
N/A
Vulnerability Description
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protected information stored in the registry or configuration files of TeamViewer. With versions before v9.x, this allowed attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionsPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to log in to the system.
CVSS Information
N/A
Vulnerability Category
N/A
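Vulnerability Title
TeamViewer Authorization Issue Vulnerability
Vulnerability Description
TeamViewer is a software suite from the German company TeamViewer for remote control, desktop sharing and file transfer. A security vulnerability exists in TeamViewer Desktop 14.7.1965 and earlier versions; it stems from different users' installations using the same key. An attacker can exploit this vulnerability to bypass remote-login access control.
CVSS Information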
N/A
Vulnerability Category
Authorization issue