CVE-2022-50931
Published: 13 January 2026
Summary
CVE-2022-50931 is a high-severity Incorrect Permission Assignment for Critical Resource (CWE-732) vulnerability in TeamSpeak. Its CVSS base score is 7.8 (High).
Operationally, it ranks at the 4.6th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and CM-5 (Access Restrictions for Change).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly protects the integrity of executable programs like ts3client_win32.exe from unauthorized modification by local attackers exploiting insecure file permissions.
Enforces approved access control policies on system resources, including restrictive file permissions that prevent low-privilege local users from overwriting critical executables.
Restricts and authorizes physical and logical access associated with changes to system components, mitigating the ability of local attackers to replace executables due to permissive permissions.
NVD Description
TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or Administrator-level access.
Deeper analysis
CVE-2022-50931 is an insecure file permissions vulnerability (CWE-732) in TeamSpeak 3.5.6 that enables local attackers to replace executable files with malicious binaries. The issue affects critical system executables, such as ts3client_win32.exe, due to overly permissive access controls. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high impact with low attack complexity and low privileges required.
Local attackers with low-level privileges on the system can exploit this vulnerability by overwriting protected executables with custom malicious files. Successful exploitation allows elevation to SYSTEM or Administrator-level access, enabling full control over the compromised host through arbitrary code execution.
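To audit a host for the permission weakness described above, the following added example (not code from the advisory or from TeamSpeak) parses the output of `icacls <path>` and reports allow entries that give a low-privilege principal write-type access to the executable. The sample output is constructed, the install directory is a placeholder, and the set of principals treated as low-privilege is an assumption.

```python
import re

# Principals treated as low-privilege for this check (an assumption; adjust per host).
LOW_PRIV = {"everyone", "builtin\\users", "nt authority\\authenticated users",
            "nt authority\\interactive"}
# icacls rights that let the holder replace or alter the file's contents or ACL.
WRITE_RIGHTS = {"F", "M", "W", "D", "DE", "WD", "AD", "WDAC", "WO", "GW", "GA"}
# Markers that are inheritance flags rather than rights.
INHERIT_FLAGS = {"I", "OI", "CI", "IO", "NP"}

# Constructed sample output; the install path is a placeholder, not taken from the advisory.
SAMPLE_PATH = r"C:\ExampleInstallDir\ts3client_win32.exe"
SAMPLE_ICACLS = r"""C:\ExampleInstallDir\ts3client_win32.exe BUILTIN\Users:(I)(F)
                                         NT AUTHORITY\SYSTEM:(I)(F)
                                         BUILTIN\Administrators:(I)(F)
                                         NT AUTHORITY\Authenticated Users:(I)(RX)
                                         Everyone:(DENY)(W)

Successfully processed 1 files; Failed processing 0 files
"""

def parse_aces(output, path):
    """Yield (principal, is_deny, rights) for each ACE in `icacls <path>` output."""
    for line in output.splitlines():
        line = line.strip()
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()  # first line carries the path prefix
        m = re.fullmatch(r"(.+?):((?:\([A-Za-z,]+\))+)", line)
        if not m:
            continue  # blank line or the "Successfully processed" trailer
        groups = re.findall(r"\(([A-Za-z,]+)\)", m.group(2))
        is_deny = "DENY" in groups
        rights = {r for g in groups for r in g.split(",")} - INHERIT_FLAGS - {"DENY"}
        yield m.group(1), is_deny, rights

def risky_aces(output, path):
    """Return allow ACEs that grant a low-privilege principal write-type access."""
    findings = []
    for principal, is_deny, rights in parse_aces(output, path):
        hit = sorted(rights & WRITE_RIGHTS)
        if not is_deny and principal.lower() in LOW_PRIV and hit:
            findings.append((principal, hit))
    return findings

if __name__ == "__main__":
    for principal, rights in risky_aces(SAMPLE_ICACLS, SAMPLE_PATH):
        print(f"{SAMPLE_PATH}: {principal} can modify the file via {','.join(rights)}")
```

An empty result for the executable and its parent directory is the expected state once permissions are restricted in line with AC-3 and CM-5.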
Advisories and potential patches are detailed in resources including the VulnCheck advisory at https://www.vulncheck.com/advisories/teamspeak-insecure-file-permissions, TeamSpeak's official site at https://www.teamspeak.com, and downloads page at https://www.teamspeak.com/en/downloads. A proof-of-concept exploit is available at https://www.exploit-db.com/exploits/50743.
Details
- CWE(s)