CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2025-0065 – Improper Neutralization of Argument Delimiters in TeamViewer Clients
https://notcve.org/view.php?id=CVE-2025-0065
28 Jan 2025 — Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection. This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific fl... • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1001 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12363 – Insufficient permissions in the TeamViewer Patch & Asset Management component
https://notcve.org/view.php?id=CVE-2024-12363
11 Dec 2024 — Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24.12 on Windows allows a local authenticated user to delete arbitrary files. TeamViewer Patch & Asset Management is part of TeamViewer Remote Management. Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24.12 on Windows allows a local authenticated user to delete arbitrary files. TeamViewer Patch & Asset Management is part of TeamViewer Remote Management. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1008 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 3%CPEs: 10EXPL: 3CVE-2024-7479 – Improper signature verification of VPN driver installation in TeamViewer Remote Clients
https://notcve.org/view.php?id=CVE-2024-7479
25 Sep 2024 — Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in o... • https://packetstorm.news/files/id/182012 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2024-7481 – Improper signature verification of Printer driver installation in TeamViewer Remote Clients
https://notcve.org/view.php?id=CVE-2024-7481
25 Sep 2024 — Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system ... • https://packetstorm.news/files/id/182012 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-6053 – Improper access control in the clipboard synchronization feature
https://notcve.org/view.php?id=CVE-2024-6053
28 Aug 2024 — Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1007 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-2451 – Improper fingerprint validation in the TeamViewer Client
https://notcve.org/view.php?id=CVE-2024-2451
28 May 2024 — Improper fingerprint validation in the TeamViewer Client (Full & Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading. La validación inadecuada de huellas dactilares en TeamViewer Client (Full & Host) anterior a la versión 15.54 para Windows y macOS permite a un atacante con derechos de usuario administrativo elevar aún más los privilegios mediante la descarga de archivos ejecutables. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1933 – Improper symlink resolution in TeamViewer Remote client for macOS
https://notcve.org/view.php?id=CVE-2024-1933
26 Mar 2024 — Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52 for macOS allows an attacker with unprivileged access, to potentially elevate privileges or conduct a denial-of-service-attack by overwriting the symlink. El enlace simbólico inseguro de UNIX (enlace simbólico) que se sigue en TeamViewer Remote Client, versión anterior 15.52 para macOS, permite a un atacante con acceso sin privilegios elevar potencialmente los privilegios o realizar un ataque de denegación de ser... • https://www.teamviewer.com/de/resources/trust-center/security-bulletins/tv-2024-1002 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-0819 – Incomplete protection of personal password settings
https://notcve.org/view.php?id=CVE-2024-0819
27 Feb 2024 — Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account. La inicialización incorrecta de la configuración predeterminada en TeamViewer Remote Client, versión anterior a 15.51.5 para Windows, Linux y macOS, permite a un usuario con pocos privilegios elevar sus privilegios cambiando la c... • https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2024-1001 • CWE-269: Improper Privilege Management •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0837
https://notcve.org/view.php?id=CVE-2023-0837
14 Jun 2023 — An improper authorization check of local device settings in TeamViewer Remote between version 15.41 and 15.42.7 for Windows and macOS allows an unprivileged user to change basic local device settings even though the options were locked. This can result in unwanted changes to the configuration. Una comprobación de autorización incorrecta de la configuración del dispositivo local en TeamViewer Remote entre las versiones 15.41 y 15.42.7 para Windows y macOS permite a un usuario sin privilegios cambiar la confi... • https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2023-1001 • CWE-285: Improper Authorization •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23242 – TeamViewer Linux - Deletion command not properly executed after process crash
https://notcve.org/view.php?id=CVE-2022-23242
23 Mar 2022 — TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password. TeamViewer Linux versiones anteriores a 15.28, no ejecutan correctamente un comando de borrado de la co... • https://www.teamviewer.com/en/trust-center/security-bulletins/TV-2022-1001 • CWE-404: Improper Resource Shutdown or Release •