CVE-2019-19362 MEDIUM

CVE-2019-19362

Vendor N/A
Product n/a
Published December 2, 2019
Last update August 5, 2024

CVSS base score

4.3/10
Attack vector Physical
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/AC:L/AV:P/A:N/C:H/I:N/PR:L/S:U/UI:N

What the vulnerability does

01Description

An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges.

Key dates

02Disclosure timeline

December 2, 2019 CVE published
August 5, 2024 Record updated