TeamViewer Privilege Escalation Vulnerability

A critical vulnerability in TeamViewer’s Windows Remote client, CVE-2024-7479 and CVE-2024-7481, allows attackers to elevate privileges on affected systems across various versions.

TeamViewer Vulnerability Flaw

The vulnerability in TeamViewer arises from inadequate verification of cryptographic signatures in the TeamViewer_service.exe component. This issue allows attackers with local, unprivileged access to a Windows system to escalate their privileges, effectively gaining administrative rights.

Once an attacker has elevated privileges, they could install drivers, manipulate system processes, or gain deeper control of the system.

Rated with a CVSS 3.1 base score of 8.8, this flaw is classified as high severity. Such a rating reflects the significant risk it poses, particularly in environments where untrusted individuals may have physical or remote access to a system.

If exploited, this vulnerability could be leveraged to execute malicious software, steal sensitive data, or disrupt operations on affected machines.

Affected versions include TeamViewer Remote full client and Remote Host for Windows earlier than version 15.58.4, as well as several older versions dating back to version 11. TeamViewer resolved this issue in version 15.58.4 and strongly advises users to update immediately.

TeamViewer users are advised to update to the latest version to mitigate this security risk and prevent potential exploitation.

‍Follow Us on: Twitter, Instagram, Facebook to get the latest security news!