vulnerability

TeamViewer Host: CVE-2019-19362: Improper Removal of Sensitive Information Before Storage or Transfer

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Dec 2, 2019	Jul 24, 2025	Mar 25, 2026

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Dec 2, 2019

Added

Jul 24, 2025

Modified

Mar 25, 2026

Description

An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history (but does not exit the application), this data is not wiped from main memory, and therefore could be read by a local user with the same or greater privileges.

Solution

teamviewer-host-upgrade-latest

References

CWE-212
CVE-2019-19362
https://attackerkb.com/topics/CVE-2019-19362
http://nestedif.com/teamviewer-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/
https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-8983

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report