CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-16550

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1540%
EPSS Percentile39.43th
Published2018年9月5日
Last Modified2024年11月21日

Vulnerability Description

TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN.

Affected Platforms (CPE)

📦
Teamviewer

Teamviewer

>= 10.0.2551 and <= 13.2.9356

References & Advisories

🔗 https://twitter.com/vah_13/status/1036894081350291457
🔗 https://twitter.com/vah_13/status/1036894081350291457

関連する脆弱性情報

CVE-2010-31289.3

Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execu...

CVE-2019-182518.8

In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version o...

CVE-2020-136998.8

TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch Tea...

CVE-2021-348598.8

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User inter...

CVE-2018-16550 Detail & Impact Analysis | CVSS 9.8 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space