How severe is CVE-2019-18196?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2019-18196?

This is classified as CWE-426, which is a common weakness in software security.

CVE-2019-18196 - MEDIUM Severity | CVSS 6.7

Vulnerability Description

A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code execution on a target system via a service restart where the DLL was previously installed with administrative privileges. Exploitation requires that an attacker be able to create a new file in the TeamViewer application directory; directory permissions restrict that by default.

Related Vulnerabilities

CVE-2019-17449

MEDIUM

CVSS:6.7(Medium)

Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privil...

CWE-4262019

CVE-2019-3648

MEDIUM

CVSS:6.7(Medium)

A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious fil...

CWE-4262019

CVE-2020-7315

MEDIUM

CVSS:6.7(Medium)

DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.

CWE-4262020

CVE-2023-39201

MEDIUM

CVSS:6.7(Medium)

Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access.

CWE-4262023

CVE-2024-6769

HIGH

CVSS:6.7(Medium)

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allow...

CWE-4262024

CVE-2019-17100

MEDIUM

CVSS:6.5(Medium)

An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Secu...

CWE-4262019