Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for Remote Full Client by TeamViewer
CVE-2025-0065 (GCVE-0-2025-0065)
Vulnerability from cvelistv5 – Published: 2025-01-28 10:22 – Updated: 2025-01-28 14:20
VLAI
Title
Improper Neutralization of Argument Delimiters in TeamViewer Clients
Summary
Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.62
(custom)
Affected: 14.0.0 , < 14.7.48799 (custom) Affected: 13.0.0 , < 13.2.36226 (custom) Affected: 12.0.0 , < 12.0.259319 (custom) Affected: 11.0.0 , < 11.0.259318 (custom) |
|
| TeamViewer | Remote Host |
Affected:
15.0.0 , < 15.62
(custom)
Affected: 14.0.0 , < 14.7.48799 (custom) Affected: 13.0.0 , < 13.2.36226 (custom) Affected: 12.0.0 , < 12.0.259319 (custom) Affected: 11.0.0 , < 11.0.259318 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:19:37.192957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:20:09.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.62",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48799",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36226",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259319",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259318",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.62",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48799",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36226",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259319",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259318",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Anonymous of Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection."
}
],
"value": "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T10:22:12.492Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1001/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version.\n\n\u003cbr\u003e"
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Neutralization of Argument Delimiters in TeamViewer Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2025-0065",
"datePublished": "2025-01-28T10:22:12.492Z",
"dateReserved": "2024-12-09T10:30:28.607Z",
"dateUpdated": "2025-01-28T14:20:09.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7479 (GCVE-0-2024-7479)
Vulnerability from cvelistv5 – Published: 2024-09-25 10:34 – Updated: 2024-09-25 15:13
VLAI
Title
Improper signature verification of VPN driver installation in TeamViewer Remote Clients
Summary
Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|
| TeamViewer | Remote Host |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|
| teamviewer | full_client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:* |
|
| teamviewer | host |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "full_client",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "host",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:33:06.003202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:13:29.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"value": "Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T10:34:08.097Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version."
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper signature verification of VPN driver installation in TeamViewer Remote Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-7479",
"datePublished": "2024-09-25T10:34:08.097Z",
"dateReserved": "2024-08-05T08:31:27.175Z",
"dateUpdated": "2024-09-25T15:13:29.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7481 (GCVE-0-2024-7481)
Vulnerability from cvelistv5 – Published: 2024-09-25 10:33 – Updated: 2024-09-25 15:16
VLAI
Title
Improper signature verification of Printer driver installation in TeamViewer Remote Clients
Summary
Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|
| TeamViewer | Remote Host |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|
| teamviewer | host |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:* cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:*",
"cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "host",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:14:22.442380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:16:30.827Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"value": "Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T10:33:12.452Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version."
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper signature verification of Printer driver installation in TeamViewer Remote Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-7481",
"datePublished": "2024-09-25T10:33:12.452Z",
"dateReserved": "2024-08-05T08:46:23.334Z",
"dateUpdated": "2024-09-25T15:16:30.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6053 (GCVE-0-2024-6053)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:30 – Updated: 2024-08-28 17:47
VLAI
Title
Improper access control in the clipboard synchronization feature
Summary
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Meeting |
Affected:
0 , < 15.55.3
(custom)
|
|
| TeamViewer | Meeting |
Affected:
0 , < 15.44.7
(custom)
|
|
| TeamViewer | Meeting |
Affected:
0 , < 15.57
(custom)
|
|
| TeamViewer | Remote Full Client |
Affected:
0 , < 15.57.3
(custom)
|
Date Public
2024-08-27 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:46:55.180517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:47:14.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.55.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.44.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"iOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"MacOS"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-27T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.\u003cbr\u003e"
}
],
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:30:58.925Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1007/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper access control in the clipboard synchronization feature",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-6053",
"datePublished": "2024-08-28T16:30:58.925Z",
"dateReserved": "2024-06-17T11:41:33.256Z",
"dateUpdated": "2024-08-28T17:47:14.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0819 (GCVE-0-2024-0819)
Vulnerability from cvelistv5 – Published: 2024-02-27 14:07 – Updated: 2024-08-05 15:00
VLAI
Title
Incomplete protection of personal password settings
Summary
Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.
Severity
7.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
0 , < 15.51.5
(custom)
|
|
| TeamViewer | Remote Host |
Affected:
0 , < 15.51.5
(custom)
|
|
| teamviewer | remote |
Affected:
0 , < 15.51.5
(custom)
cpe:2.3:a:teamviewer:remote:15.51.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:remote:15.51.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "remote",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T14:52:54.513022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T15:00:18.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.\u003c/span\u003e\n\n"
}
],
"value": "\nImproper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-27T14:07:24.294Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incomplete protection of personal password settings",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-0819",
"datePublished": "2024-02-27T14:07:24.294Z",
"dateReserved": "2024-01-23T12:46:32.947Z",
"dateUpdated": "2024-08-05T15:00:18.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0065 (GCVE-0-2025-0065)
Vulnerability from nvd – Published: 2025-01-28 10:22 – Updated: 2025-01-28 14:20
VLAI
Title
Improper Neutralization of Argument Delimiters in TeamViewer Clients
Summary
Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.62
(custom)
Affected: 14.0.0 , < 14.7.48799 (custom) Affected: 13.0.0 , < 13.2.36226 (custom) Affected: 12.0.0 , < 12.0.259319 (custom) Affected: 11.0.0 , < 11.0.259318 (custom) |
|
| TeamViewer | Remote Host |
Affected:
15.0.0 , < 15.62
(custom)
Affected: 14.0.0 , < 14.7.48799 (custom) Affected: 13.0.0 , < 13.2.36226 (custom) Affected: 12.0.0 , < 12.0.259319 (custom) Affected: 11.0.0 , < 11.0.259318 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:19:37.192957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:20:09.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.62",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48799",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36226",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259319",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259318",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.62",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48799",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36226",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259319",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259318",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Anonymous of Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection."
}
],
"value": "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T10:22:12.492Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1001/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version.\n\n\u003cbr\u003e"
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Neutralization of Argument Delimiters in TeamViewer Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2025-0065",
"datePublished": "2025-01-28T10:22:12.492Z",
"dateReserved": "2024-12-09T10:30:28.607Z",
"dateUpdated": "2025-01-28T14:20:09.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7479 (GCVE-0-2024-7479)
Vulnerability from nvd – Published: 2024-09-25 10:34 – Updated: 2024-09-25 15:13
VLAI
Title
Improper signature verification of VPN driver installation in TeamViewer Remote Clients
Summary
Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|
| TeamViewer | Remote Host |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|
| teamviewer | full_client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:* |
|
| teamviewer | host |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "full_client",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "host",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:33:06.003202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:13:29.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"value": "Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T10:34:08.097Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version."
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper signature verification of VPN driver installation in TeamViewer Remote Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-7479",
"datePublished": "2024-09-25T10:34:08.097Z",
"dateReserved": "2024-08-05T08:31:27.175Z",
"dateUpdated": "2024-09-25T15:13:29.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7481 (GCVE-0-2024-7481)
Vulnerability from nvd – Published: 2024-09-25 10:33 – Updated: 2024-09-25 15:16
VLAI
Title
Improper signature verification of Printer driver installation in TeamViewer Remote Clients
Summary
Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|
| TeamViewer | Remote Host |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|
| teamviewer | host |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:* cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:*",
"cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "host",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:14:22.442380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:16:30.827Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"value": "Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T10:33:12.452Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version."
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper signature verification of Printer driver installation in TeamViewer Remote Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-7481",
"datePublished": "2024-09-25T10:33:12.452Z",
"dateReserved": "2024-08-05T08:46:23.334Z",
"dateUpdated": "2024-09-25T15:16:30.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6053 (GCVE-0-2024-6053)
Vulnerability from nvd – Published: 2024-08-28 16:30 – Updated: 2024-08-28 17:47
VLAI
Title
Improper access control in the clipboard synchronization feature
Summary
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Meeting |
Affected:
0 , < 15.55.3
(custom)
|
|
| TeamViewer | Meeting |
Affected:
0 , < 15.44.7
(custom)
|
|
| TeamViewer | Meeting |
Affected:
0 , < 15.57
(custom)
|
|
| TeamViewer | Remote Full Client |
Affected:
0 , < 15.57.3
(custom)
|
Date Public
2024-08-27 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:46:55.180517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:47:14.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.55.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.44.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"iOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"MacOS"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-27T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.\u003cbr\u003e"
}
],
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:30:58.925Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1007/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper access control in the clipboard synchronization feature",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-6053",
"datePublished": "2024-08-28T16:30:58.925Z",
"dateReserved": "2024-06-17T11:41:33.256Z",
"dateUpdated": "2024-08-28T17:47:14.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0819 (GCVE-0-2024-0819)
Vulnerability from nvd – Published: 2024-02-27 14:07 – Updated: 2024-08-05 15:00
VLAI
Title
Incomplete protection of personal password settings
Summary
Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.
Severity
7.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
0 , < 15.51.5
(custom)
|
|
| TeamViewer | Remote Host |
Affected:
0 , < 15.51.5
(custom)
|
|
| teamviewer | remote |
Affected:
0 , < 15.51.5
(custom)
cpe:2.3:a:teamviewer:remote:15.51.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:remote:15.51.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "remote",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T14:52:54.513022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T15:00:18.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.\u003c/span\u003e\n\n"
}
],
"value": "\nImproper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-27T14:07:24.294Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incomplete protection of personal password settings",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-0819",
"datePublished": "2024-02-27T14:07:24.294Z",
"dateReserved": "2024-01-23T12:46:32.947Z",
"dateUpdated": "2024-08-05T15:00:18.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}