TeamSpeak 3.5.6 contains an insecure file permissions... · CVE-2022-50931 · GitHub Advisory Database · GitHub

TeamSpeak 3.5.6 contains an insecure file permissions...

High severity Unreviewed Published Jan 14, 2026 to the GitHub Advisory Database • Updated Jan 14, 2026

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or Administrator-level access.

References

Published by the National Vulnerability Database

Jan 13, 2026

Published to the GitHub Advisory Database Jan 14, 2026

Last updated Jan 14, 2026

Severity

High

/ 10

CVSS v4 base metrics

Exploitability Metrics

Attack Vector Local

Attack Complexity Low

Attack Requirements None

Privileges Required Low

User interaction None

Vulnerable System Impact Metrics

Confidentiality High

Integrity High

Availability High

Subsequent System Impact Metrics

Confidentiality None

Integrity None

Availability None

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X