TV-2023-1002

Hotfix for curl and libcurl vulnerability

Bulletin ID
TV-2023-1002
Issue Date
11 ott 2023
Last Update
11 ott 2023
Priorità
alta
Assigned CVE
CVE-2023-38545
Affected Products
TeamViewer Remote
TeamViewer Tensor
TeamViewer Frontline
TeamViewer Remote Management

The third-party opensource project curl / libcurl, which is widely used in the software industry is subject to a vulnerability, rated with severity “High” and tracked as CVE-2023-38545.

We have made a hotfix for all potentially affected TeamViewer clients available already. We strongly recommend updating affected clients immediately.

1. Details

Clients

Application Versions Status Fixed version User action required

TeamViewer Remote client for Windows, Linux and macOS (Full, Host, QS)

15.22.1 – 15.46.5

Update available

15.46.7

Update to fixed version or higher.

TeamViewer Remote client for Windows, Linux and macOS (Full, Host, QS)

Before 15.22.1 including major versions before 15.

Not affected

We always recommend updating to the latest version available.

TeamViewer Remote web client

all

Not affected

No action required.

TeamViewer Meeting for Windows

Before 15.46.8

Update available

15.46.8

Update to fixed version or higher.

TeamViewer Meeting for macOS

Before 15.46.8

Update available

15.46.8

Update to fixed version or higher.

TeamViewer QuickSupport for Android

Before 15.46.303

Update available

15.46.303

Update to fixed version or higher.

TeamViewer Remote Control for Android

Before 15.46.306

Update available

15.46.306

Update to fixed version or higher.

TeamViewer Host for Android

Before 15.46.304

Update available

15.46.304

Update to fixed version or higher.

TeamViewer AssistAR for Android

Before 15.46.304

Update available

15.46.304

Update to fixed version or higher.

TeamViewer Meeting for Android

Before 15.44.3

Update available

15.44.3

Update to fixed version or higher.

TeamViewer QuickSupport for iOS

Before 15.46.2

Update available

15.46.2

Update to fixed version or higher.

TeamViewer Remote Control for iOS

Before 15.46.2

Update available

15.46.2

Update to fixed version or higher.

TeamViewer AssistAR for iOS

Before 2.48.1

Update available

2.48.1

Update to fixed version or higher.

TeamViewer Meeting for iOS

Before 15.44.1

Update available

15.44.1

Update to fixed version or higher.

TeamViewer Remote Management: Patch Management

Before 23.10.2

Update available

23.10.2

Update to fixed version or higher.

TeamViewer Frontline Spatial Editor

Before 4.19.1

Update available

4.19.1

Update to fixed version or higher.

Server / Backend

Products Remediation status User action

TeamViewer Remote 

Patched / Fixed

Not required

TeamViewer Tensor

Patched / Fixed

Not required

TeamViewer Frontline

Patched / Fixed

Not required

TeamViewer Remote Management

Patched / Fixed

Not required

Infrastructure

Although our infrastructure is not affected by any known attack vector regarding the curl and libcurl vulnerability, we have patched all related components.

2. FAQ

How can I check if my client is affected?

In the TeamViewer client, click on Help -> About TeamViewer and compare the version number to the version numbers provided above. You can also check for updates as described in https://community.teamviewer.com/English/kb/articles/109987-update-teamviewer.

We are currently not aware of ways to exploit this vulnerability in our applications, however as a precautionary measure we recommend updating to the most recent version.

What can happen when this vulnerability is exploited?

This libcurl vulnerability is a buffer overflow and – if successfully exploited – could lead to code execution in the context of the application.

Does TeamViewer have evidence of exploitation?

We are currently not aware of ways to exploit this vulnerability in our applications, however as a precautionary measure we recommend updating to the most recent version anyways.

I’m not able to update an affected client. What can I do to mitigate the risk?

This libcurl vulnerability affects the code that handles HTTP/HTTPS requests via a SOCKS5 proxy. Hence it is very important to ensure that the proxy configuration of your devices is always under control, that only trusted proxy configurations are allowed and that no SOCKS5 proxies have been configured.