4 results (0.004 seconds)

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1

Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service, which listens on TCP port 5939 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481 https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1

Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service, which listens on TCP port 5939 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481 https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

Improper fingerprint validation in the TeamViewer Client (Full & Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading. La validación inadecuada de huellas dactilares en TeamViewer Client (Full & Host) anterior a la versión 15.54 para Windows y macOS permite a un atacante con derechos de usuario administrativo elevar aún más los privilegios mediante la descarga de archivos ejecutables. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0

Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account. La inicialización incorrecta de la configuración predeterminada en TeamViewer Remote Client, versión anterior a 15.51.5 para Windows, Linux y macOS, permite a un usuario con pocos privilegios elevar sus privilegios cambiando la configuración de la contraseña personal y estableciendo una conexión remota a una cuenta de administrador que haya iniciado sesión. • https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001 • CWE-269: Improper Privilege Management •