TV-2023-1002
Hotfix for curl and libcurl vulnerability
- Bulletin ID
- TV-2023-1002
- Date Published
- 11 de out de 2023
- Last Update
- 20 de out de 2020
- Priority
- Important
- Assigned CVE
- CVE-2023-38545
- Affected Products
- TeamViewer Remote
- TeamViewer Tensor
- TeamViewer Frontline
- TeamViewer Remote Management
The third-party opensource project curl / libcurl, which is widely used in the software industry is subject to a vulnerability, rated with severity “High” and tracked as CVE-2023-38545.
We have made a hotfix for all potentially affected TeamViewer clients available already. We strongly recommend updating affected clients immediately.
1. Details
Clients
Server / Backend
Infrastructure
Although our infrastructure is not affected by any known attack vector regarding the curl and libcurl vulnerability, we have patched all related components.
2. FAQ
How can I check if my client is affected?
In the TeamViewer client, click on Help -> About TeamViewer and compare the version number to the version numbers provided above. You can also check for updates as described in https://community.teamviewer.com/English/kb/articles/109987-update-teamviewer.
We are currently not aware of ways to exploit this vulnerability in our applications, however as a precautionary measure we recommend updating to the most recent version.
What can happen when this vulnerability is exploited?
This libcurl vulnerability is a buffer overflow and – if successfully exploited – could lead to code execution in the context of the application.
Does TeamViewer have evidence of exploitation?
We are currently not aware of ways to exploit this vulnerability in our applications, however as a precautionary measure we recommend updating to the most recent version anyways.
I’m not able to update an affected client. What can I do to mitigate the risk?
This libcurl vulnerability affects the code that handles HTTP/HTTPS requests via a SOCKS5 proxy. Hence it is very important to ensure that the proxy configuration of your devices is always under control, that only trusted proxy configurations are allowed and that no SOCKS5 proxies have been configured.