vulnerability

TeamViewer Host: CVE-2019-19362: Improper Removal of Sensitive Information Before Storage or Transfer

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Dec 2, 2019	Jul 24, 2025	Jul 24, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Dec 2, 2019

Added

Jul 24, 2025

Modified

Jul 24, 2025

Description

An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges.

Solution

teamviewer-host-upgrade-latest

References

CWE-212
CVE-2019-19362
https://attackerkb.com/topics/CVE-2019-19362
URL-http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today