Announcements

Remote Control for all devices running Android 7+ is here!

(Incl. Google Pixel series, Xiaomi smartphones, Oppo devices, and many more)


Learn more

Highlighted
Posted by Community Manager
Community Manager

Statement on CVE 2020-13699

Hi all,

Today we are releasing some updates for TeamViewer 8 through 15, for the Windows platform.

We implemented some improvements in URI handling relating to CVE 2020-13699.

Please see our Change Logs here.

Nota Bene: Thank you, Jeffrey Hofmann with Praetorian, for your professionalism and following a responsible disclosure model. We are grateful that you reached out to us and that you could confirm the fix of your findings in the latest release.

All the best,

Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

22 Replies
Highlighted
Posted by
Digon

Re: Statement on CVE 2020-13699

and how important is it to deploy updated version that in our company? No infos about CVE 2020-13699 found....

Highlighted
Posted by Community Manager
Community Manager

Re: Statement on CVE 2020-13699

Hi @Sascha2 

Thanks for your post.

Meanwhile, the CVE-details have been released.

As always, we recommend updating to the latest version to benefit from the latest security patches.

Thanks and best,

Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by
Digon

Re: Statement on CVE 2020-13699

Hi @Esther ,

thx for information. Sounds like update is needed.

Regards,

Sascha

Highlighted
Posted by
Digon

CVE-2020-13699

Hi, my company has enterprise license for TV version 10. Since we are affected by the CVE-2020-13699, do we get to patch our TV?

Highlighted
Posted by Community Manager
Community Manager

Re: CVE-2020-13699

Hi @junxian_li 

We recommend to update all TeamViewer installation to the latest version. For TeamViewer 10 the patched version number is v10.0.258873.

You find the Change Log here: [Windows] v10.0.258873 - Change Log and the download here: TeamViewer Download for previous versions

Thanks and best,

Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by
Digon

Re: CVE-2020-13699

Hi Esther, 

Thanks, will update it.

Just wondering, why does another version (10.0.223995) appears when I click on Help -> Check for new version ?

updateupdate

Highlighted
Posted by
Henagon

Re: Statement on CVE 2020-13699

Hi Esther,

We are on version 11.x Do we need an update for TV_Hosts and TV-Quick-Support?
Will updated files be available for download in the TeamViewer Management Console?
Those files are last updated on the 13th of July.

Thank you.

Marc

Highlighted
Posted by Community Manager
Community Manager

Re: Statement on CVE 2020-13699

HI @ma7c 

All fresh downloads from within the Management Console should get the latest version automatically (=get.teamviewer.com/yourlink...).

The Management Console will offer you the update if you still have older versions in there via a banner that appears in the Design & Deploy tab.

That means, the next time, your customers are starting your customized modues, they should get the new version automatically.

If you deployed your Hosts via MSI, please make a new deployment with the updated Host as the MSI does not include an update feature.

Regular installed Hosts and full versions, having Automatic update enabled within the options, should already have received the update.

@junxian_li  I am checking internally with the team and get back to you soonest why the PopUp does not show the correct version number.

Thanks and best,

Esther

 

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by
Henagon

Re: Statement on CVE 2020-13699

Hi Esther,

this public Host-Installer from https://download.teamviewer.com/download/version_11x/TeamViewer_Host_Setup.exe is still an old version from last month (13th July). Will there be an update for re-deployment?

Thank you
Marc

Highlighted
Posted by Community Manager
Community Manager

Re: Statement on CVE 2020-13699

HI @ma7c 

When downloading it, it gives me the correct version (Sorry for the screenshot in German): 

Install_Host.png

See: [Windows] v11.0.258870 - Change Log

Can you check again?

Thanks, Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by Community Manager
Community Manager

Re: CVE-2020-13699

Hi @junxian_li 

Thanks for your patience.

Would you mind to test the download again and see whether the PopUp now offers the correct version 10?

I am looking forward to your feedback.

Thanks and best, Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by
Henagon

Re: Statement on CVE 2020-13699

That's totally correct. I was on the msi TV-Host files, the .exe files are up-to-date.

Thank you, best regards
Marc

Highlighted
Posted by
Photon

Re: Statement on CVE 2020-13699

@Esther The CVE indicates the vulnerability applies to version 15.8.3 also. When I attempt to update through the TV client it indicates I don't have an update, 15.8.3 is the latest available and the date on that is July 20th. 

Highlighted
Posted by Community Manager
Community Manager

Re: Statement on CVE 2020-13699

Hi @ShaverLake 

Oh -where did you read that?

But no worries - TeamViewer 15.8.3 includes the patch for the CVE - see the versions Change Log

We also released new versions for TeamViewer 8, 9, 10,11, 12, 13, 14.2 and 14.7 to address the topic.

Best, Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by
Henagon

Re: Statement on CVE 2020-13699

@Esther 

Does TeamViewer 15.8.3 for Windows update require older versions of TeamViewer to also update due to fix in URI handling? We are receiving error when connecting from TeamViewer 15 to TeamViewer 11 Host which should be backwards compatible.

"The remote TeamViewer is running an old version which is out of date. Therefore you cannot connect to this Version anymore."

Highlighted
Posted by Community Manager
Community Manager

Re: Statement on CVE 2020-13699

Hi @MJW 

The message you got indicates that you have not been signed in with your licensed TeamViewer account when trying to start the connection as connections to older TeamViewer versions require a license.

After logging in to your Computers & Contacts list you should be able to connect again.

Still - we recommend updating all endpoints to the latest version (not necessarily to TeamViewer 15, but within their version). There is an update for TeamViewer 11 available. See its Change Log here: [Windows] v11.0.258870 - Change Log

I hope this info helps you.

Best,

Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by
Henagon

Re: Statement on CVE 2020-13699

@Esther  Thank you, Esther! I believe that is the issue.

Highlighted
Posted by TeamViewer Star
TeamViewer Star

Re: Statement on CVE 2020-13699

Could somebody of TeamViewer Team explain/elaborate about:

Does the problem concern the program on the side initiating the connection or also the program on the side hosting/sharing the remote desktop.

I need to know whether I should update it also on remote computer stations or only locally in my office on all my local workstation which will connect to our remote clients (my company mainly deals with IT Support for our clients/customers).

Regards,
mLipok , AutoIt MVP

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button.

Highlighted
Posted by Community Manager
Community Manager

Re: Statement on CVE 2020-13699

Hi @mLipok 

We recommend updating your local devices as well as the remote devices to apply the patch.

Best,

Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by TeamViewer Star
TeamViewer Star

Re: Statement on CVE 2020-13699

Even on TeamViewer Host ?

Regards,
mLipok , AutoIt MVP

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button.

Highlighted
Posted by Community Manager
Community Manager

Re: Statement on CVE 2020-13699

Hi again,

Thanks for the question: yes - all installations 👍 

Best, Esther

Community Manager

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button. Find more information here: Knowledge Base | Community Blog | How to get started

Highlighted
Posted by TeamViewer Star
TeamViewer Star

Re: Statement on CVE 2020-13699

as this is very important things to do I want to refresh one question which was discussed in this following IDEAS/FeatureRequest:

https://community.teamviewer.com/t5/API-and-Scripting/How-to-get-list-of-outdated-host/m-p/91622#M11...

and ....
Ask how I can get the list of remote host where TV program is outdated ?

Is it possible with any TeamViewer tools/api ?

Regards,
mLipok , AutoIt MVP

Did my reply answer your question? Accept it as a solution to help others.
Find this helpful? Say thanks by clicking on the Thumbs Up button.