TV-2022-1001

Bulletin ID: TV-2022-1001
Issue Date: Jun 14, 2023
Last Update: Jun 14, 2023
Priority: Moderate
CVSS: 6.3 (medium)
Assigned CVE: CVE-2022-23242
Affected Products: TeamViewer for Linux

1. Summary

A bug has been found in TeamViewer for Linux before 15.28, that could result in an inadvertent re-use of a previously used connection password after a process crash. The bug has been fixed with version 15.28. We recommend updating your Linux client installations at the earliest convenience.

2. Vulnerability Details

CVE-ID	CVE-2022-23242
Description	TeamViewer Linux versions before 15.28 did not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password. We do not have any indication of active exploitation.
CVSS3.0 Score	Base Score 6.3 (medium)
CVSS3.0 Vector String	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
Problem type	N/A

3. Affected products & versions

Product	Versions	Info
TeamViewer for Linux	15.27 and lower	Update available

4. Solutions & mitigations

Update to the latest version (15.28 or higher)

5. Additional Resources

For users leveraging passwordless authentication (“Easy Access”) and/or MFA for connections the issue is not exploitable.

https://community.teamviewer.com/English/kb/articles/108791-two-factor-authentication-for-connections

https://community.teamviewer.com/English/kb/articles/108681-best-practices-for-secure-unattended-access

Download resources:

https://www.teamviewer.com/en/download/linux/

6. Acknowledgments

We thank Weaponshotgun & WildZarek very much for their research and responsible disclosure.

Do you want to report a security issue?

TeamViewer’s security team will investigate every submission in our Vulnerability Disclosure Program.

See our VDP

Personal use and SMB TeamViewer Remote

Enterprise TeamViewer Tensor

Real-time troubleshooting TeamViewer DEX

Connected worker TeamViewer Frontline

TeamViewer ONE

Key integrations

TeamViewer ONE Platform

Core capabilities

Gartner Report 2025

TeamViewer named a leader in DEX

Key integrations

Popular use cases Most popular TeamViewer use cases

Other use cases Popular solutions for further use cases

By need Popular solutions for different requirements

By industries Popular solutions sorted by industry

Talk to our sales team

Resources

Partner

Support

Company

Incomplete protection of local device settings

1. Summary

2. Vulnerability Details

3. Affected products & versions

4. Solutions & mitigations

5. Additional Resources

6. Acknowledgments

Do you want to report a security issue?

Please choose your region

SUGGESTED REGION

Americas

Asia Pacific

Commonwealth of Independent States

Europe

Middle East Africa

Personal use and SMB TeamViewer Remote

Enterprise TeamViewer Tensor

Real-time troubleshooting TeamViewer DEX

Connected worker TeamViewer Frontline

TeamViewer ONE

Key integrations

TeamViewer ONE Platform

Core capabilities

Gartner Report 2025

TeamViewer named a leader in DEX

Key integrations

Popular use cases Most popular TeamViewer use cases

Other use cases Popular solutions for further use cases

By need Popular solutions for different requirements

By industries Popular solutions sorted by industry

Talk to our sales team

Find out more about TeamViewer

Resources

Partner

Support

Company

Incomplete protection of local device settings

1. Summary

2. Vulnerability Details

3. Affected products & versions

4. Solutions & mitigations

5. Additional Resources

6. Acknowledgments

Do you want to report a security issue?

Please choose your region

SUGGESTED REGION

Americas

Asia Pacific

Commonwealth of Independent States

Europe

Middle East Africa