Search criteria
10 vulnerabilities found for Remote Full Client by TeamViewer
CVE-2025-0065 (GCVE-0-2025-0065)
Vulnerability from cvelistv5 – Published: 2025-01-28 10:22 – Updated: 2025-01-28 14:20
VLAI?
Summary
Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection.
Severity ?
7.8 (High)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.62
(custom)
Affected: 14.0.0 , < 14.7.48799 (custom) Affected: 13.0.0 , < 13.2.36226 (custom) Affected: 12.0.0 , < 12.0.259319 (custom) Affected: 11.0.0 , < 11.0.259318 (custom) |
|||||||
|
|||||||||
Credits
Anonymous of Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:19:37.192957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:20:09.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.62",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48799",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36226",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259319",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259318",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.62",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48799",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36226",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259319",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259318",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Anonymous of Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection."
}
],
"value": "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T10:22:12.492Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1001/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version.\n\n\u003cbr\u003e"
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Neutralization of Argument Delimiters in TeamViewer Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2025-0065",
"datePublished": "2025-01-28T10:22:12.492Z",
"dateReserved": "2024-12-09T10:30:28.607Z",
"dateUpdated": "2025-01-28T14:20:09.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7479 (GCVE-0-2024-7479)
Vulnerability from cvelistv5 – Published: 2024-09-25 10:34 – Updated: 2024-09-25 15:13
VLAI?
Summary
Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
Severity ?
8.8 (High)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|||||||
|
|||||||||
Credits
Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "full_client",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "host",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:33:06.003202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:13:29.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"value": "Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T10:34:08.097Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version."
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper signature verification of VPN driver installation in TeamViewer Remote Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-7479",
"datePublished": "2024-09-25T10:34:08.097Z",
"dateReserved": "2024-08-05T08:31:27.175Z",
"dateUpdated": "2024-09-25T15:13:29.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7481 (GCVE-0-2024-7481)
Vulnerability from cvelistv5 – Published: 2024-09-25 10:33 – Updated: 2024-09-25 15:16
VLAI?
Summary
Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
Severity ?
8.8 (High)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|||||||
|
|||||||||
Credits
Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:*",
"cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "host",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:14:22.442380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:16:30.827Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"value": "Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T10:33:12.452Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version."
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper signature verification of Printer driver installation in TeamViewer Remote Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-7481",
"datePublished": "2024-09-25T10:33:12.452Z",
"dateReserved": "2024-08-05T08:46:23.334Z",
"dateUpdated": "2024-09-25T15:16:30.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6053 (GCVE-0-2024-6053)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:30 – Updated: 2024-08-28 17:47
VLAI?
Summary
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.
Severity ?
4.3 (Medium)
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Meeting |
Affected:
0 , < 15.55.3
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:46:55.180517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:47:14.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.55.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.44.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"iOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"MacOS"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-27T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.\u003cbr\u003e"
}
],
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:30:58.925Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1007/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper access control in the clipboard synchronization feature",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-6053",
"datePublished": "2024-08-28T16:30:58.925Z",
"dateReserved": "2024-06-17T11:41:33.256Z",
"dateUpdated": "2024-08-28T17:47:14.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0819 (GCVE-0-2024-0819)
Vulnerability from cvelistv5 – Published: 2024-02-27 14:07 – Updated: 2024-08-05 15:00
VLAI?
Summary
Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.
Severity ?
7.3 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
0 , < 15.51.5
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:remote:15.51.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "remote",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T14:52:54.513022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T15:00:18.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.\u003c/span\u003e\n\n"
}
],
"value": "\nImproper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-27T14:07:24.294Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incomplete protection of personal password settings",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-0819",
"datePublished": "2024-02-27T14:07:24.294Z",
"dateReserved": "2024-01-23T12:46:32.947Z",
"dateUpdated": "2024-08-05T15:00:18.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0065 (GCVE-0-2025-0065)
Vulnerability from nvd – Published: 2025-01-28 10:22 – Updated: 2025-01-28 14:20
VLAI?
Summary
Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection.
Severity ?
7.8 (High)
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.62
(custom)
Affected: 14.0.0 , < 14.7.48799 (custom) Affected: 13.0.0 , < 13.2.36226 (custom) Affected: 12.0.0 , < 12.0.259319 (custom) Affected: 11.0.0 , < 11.0.259318 (custom) |
|||||||
|
|||||||||
Credits
Anonymous of Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:19:37.192957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T14:20:09.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.62",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48799",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36226",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259319",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259318",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.62",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48799",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36226",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259319",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259318",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Anonymous of Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection."
}
],
"value": "Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T10:22:12.492Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1001/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version.\n\n\u003cbr\u003e"
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Neutralization of Argument Delimiters in TeamViewer Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2025-0065",
"datePublished": "2025-01-28T10:22:12.492Z",
"dateReserved": "2024-12-09T10:30:28.607Z",
"dateUpdated": "2025-01-28T14:20:09.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7479 (GCVE-0-2024-7479)
Vulnerability from nvd – Published: 2024-09-25 10:34 – Updated: 2024-09-25 15:13
VLAI?
Summary
Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
Severity ?
8.8 (High)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|||||||
|
|||||||||
Credits
Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "full_client",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "host",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T14:33:06.003202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:13:29.437Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"value": "Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T10:34:08.097Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version."
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper signature verification of VPN driver installation in TeamViewer Remote Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-7479",
"datePublished": "2024-09-25T10:34:08.097Z",
"dateReserved": "2024-08-05T08:31:27.175Z",
"dateUpdated": "2024-09-25T15:13:29.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7481 (GCVE-0-2024-7481)
Vulnerability from nvd – Published: 2024-09-25 10:33 – Updated: 2024-09-25 15:16
VLAI?
Summary
Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
Severity ?
8.8 (High)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
15.0.0 , < 15.58.4
(custom)
Affected: 14.0.0 , < 14.7.48796 (custom) Affected: 13.0.0 , < 13.2.36225 (custom) Affected: 12.0.0 , < 12.0.259312 (custom) Affected: 11.0.0 , < 11.0.259311 (custom) |
|||||||
|
|||||||||
Credits
Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:full_client:*:*:*:*:*:*:*:*",
"cpe:2.3:a:teamviewer:host:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "host",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:14:22.442380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:16:30.827Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.58.4",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThan": "14.7.48796",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "13.2.36225",
"status": "affected",
"version": "13.0.0",
"versionType": "custom"
},
{
"lessThan": "12.0.259312",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.259311",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Gabaldon (https://pgj11.com/) working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"value": "Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T10:33:12.452Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to the latest version."
}
],
"value": "Update to the latest version."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper signature verification of Printer driver installation in TeamViewer Remote Clients",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-7481",
"datePublished": "2024-09-25T10:33:12.452Z",
"dateReserved": "2024-08-05T08:46:23.334Z",
"dateUpdated": "2024-09-25T15:16:30.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6053 (GCVE-0-2024-6053)
Vulnerability from nvd – Published: 2024-08-28 16:30 – Updated: 2024-08-28 17:47
VLAI?
Summary
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.
Severity ?
4.3 (Medium)
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Meeting |
Affected:
0 , < 15.55.3
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:46:55.180517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:47:14.592Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.55.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.44.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"iOS"
],
"product": "Meeting",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"MacOS"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.57.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-08-27T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.\u003cbr\u003e"
}
],
"value": "Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359 Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:30:58.925Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1007/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper access control in the clipboard synchronization feature",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-6053",
"datePublished": "2024-08-28T16:30:58.925Z",
"dateReserved": "2024-06-17T11:41:33.256Z",
"dateUpdated": "2024-08-28T17:47:14.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0819 (GCVE-0-2024-0819)
Vulnerability from nvd – Published: 2024-02-27 14:07 – Updated: 2024-08-05 15:00
VLAI?
Summary
Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.
Severity ?
7.3 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TeamViewer | Remote Full Client |
Affected:
0 , < 15.51.5
(custom)
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:teamviewer:remote:15.51.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "remote",
"vendor": "teamviewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T14:52:54.513022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T15:00:18.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "Remote Full Client",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux"
],
"product": "Remote Host",
"vendor": "TeamViewer",
"versions": [
{
"lessThan": "15.51.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.\u003c/span\u003e\n\n"
}
],
"value": "\nImproper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-27T14:07:24.294Z",
"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"shortName": "TV"
},
"references": [
{
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incomplete protection of personal password settings",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
"assignerShortName": "TV",
"cveId": "CVE-2024-0819",
"datePublished": "2024-02-27T14:07:24.294Z",
"dateReserved": "2024-01-23T12:46:32.947Z",
"dateUpdated": "2024-08-05T15:00:18.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}